Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe

Overview

General Information

Sample name:SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe
Analysis ID:1430644
MD5:78537045a5e032d4ac93514f027c7a47
SHA1:5b6e705b20652c0cf39ee890013b9b8e8ad26b07
SHA256:06812518a722af6f98fbd8c3a5ace0cad1c6d53477972618728e64bafcbc948c
Tags:exe
Infos:

Detection

PureLog Stealer, zgRAT
Score:40
Range:0 - 100
Whitelisted:false
Confidence:100%

Compliance

Score:36
Range:0 - 100

Signatures

Malicious sample detected (through community Yara rule)
Yara detected PureLog Stealer
Yara detected zgRAT
Modifies the windows firewall
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Uses netsh to modify the Windows network and firewall settings
Yara detected Generic Downloader
Allocates memory with a write watch (potentially for evading sandboxes)
Binary contains a suspicious time stamp
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Connects to many different domains
Contains functionality for read data from the clipboard
Contains functionality to shutdown / reboot the system
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Deletes files inside the Windows folder
Detected potential crypto function
Drops PE files
Drops PE files to the windows directory (C:\Windows)
Drops files with a non-matching file extension (content does not match file extension)
EXE planting / hijacking vulnerabilities found
Found URL in obfuscated visual basic script code
Found dropped PE file which has not been started or loaded
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains sections with non-standard names
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: Execution of Suspicious File Type Extension
Sigma detected: Use Short Name Path in Command Line
Stores files to the Windows start menu directory
Stores large binary data to the registry
Uses 32bit PE files
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Yara signature match

Classification

Process Tree

  • System is w10x64
  • SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe (PID: 2632 cmdline: "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe" MD5: 78537045A5E032D4AC93514F027C7A47)
    • FiddlerSetup.exe (PID: 6724 cmdline: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D= MD5: 5D96B95B066D797C7C468D125882DDCF)
      • netsh.exe (PID: 7216 cmdline: "C:\Windows\system32\netsh.exe" advfirewall firewall delete rule name="FiddlerProxy" MD5: 4E89A1A088BE715D6C946E55AB07C7DF)
        • conhost.exe (PID: 7224 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • netsh.exe (PID: 7232 cmdline: "C:\Windows\system32\netsh.exe" advfirewall firewall add rule name="FiddlerProxy" program="C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe" action=allow profile=any dir=in edge=deferuser protocol=tcp description="Permit inbound connections to Fiddler" MD5: 4E89A1A088BE715D6C946E55AB07C7DF)
        • conhost.exe (PID: 7252 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • ngen.exe (PID: 7260 cmdline: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" install "C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe" MD5: B6C3FE33B436E5006514403824F17C66)
        • conhost.exe (PID: 7276 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • mscorsvw.exe (PID: 7476 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 1cc -InterruptEvent 0 -NGENProcess 1bc -Pipe 1c8 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7248 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 26c -InterruptEvent 0 -NGENProcess 260 -Pipe 268 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7384 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 27c -InterruptEvent 0 -NGENProcess 270 -Pipe 278 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7404 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 28c -InterruptEvent 0 -NGENProcess 280 -Pipe 288 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7272 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 29c -InterruptEvent 0 -NGENProcess 290 -Pipe 298 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7972 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2ec -InterruptEvent 0 -NGENProcess 2dc -Pipe 264 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 1860 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2c8 -InterruptEvent 0 -NGENProcess 2fc -Pipe 290 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 2840 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2fc -InterruptEvent 0 -NGENProcess 26c -Pipe 2c8 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 2992 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2f4 -InterruptEvent 0 -NGENProcess 294 -Pipe 304 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 1920 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 314 -InterruptEvent 0 -NGENProcess 2f0 -Pipe 2ec -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 4736 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 314 -InterruptEvent 0 -NGENProcess 2f0 -Pipe 2f4 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 5576 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 308 -InterruptEvent 0 -NGENProcess 2f4 -Pipe 264 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 4704 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 270 -InterruptEvent 0 -NGENProcess 2dc -Pipe 304 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 4240 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 270 -InterruptEvent 0 -NGENProcess 330 -Pipe 328 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 5128 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 320 -Pipe 30c -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 1540 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 324 -InterruptEvent 0 -NGENProcess 18c -Pipe 330 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 6488 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2f4 -InterruptEvent 0 -NGENProcess 280 -Pipe 270 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 2648 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2dc -InterruptEvent 0 -NGENProcess 324 -Pipe 2f4 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 2916 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 260 -InterruptEvent 0 -NGENProcess 2a4 -Pipe 328 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 576 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 328 -InterruptEvent 0 -NGENProcess 338 -Pipe 18c -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 3084 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2dc -InterruptEvent 0 -NGENProcess 320 -Pipe 334 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7900 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 34c -Pipe 31c -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 6544 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 324 -InterruptEvent 0 -NGENProcess 354 -Pipe 328 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 2692 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 364 -InterruptEvent 0 -NGENProcess 340 -Pipe 360 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 2056 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 388 -InterruptEvent 0 -NGENProcess 38c -Pipe 398 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7372 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 388 -InterruptEvent 0 -NGENProcess 370 -Pipe 36c -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7116 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b4 -InterruptEvent 0 -NGENProcess 3a8 -Pipe 3b0 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 3588 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3ac -InterruptEvent 0 -NGENProcess 3cc -Pipe 394 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 2044 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3a8 -InterruptEvent 0 -NGENProcess 3ac -Pipe 384 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 4504 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 3dc -Pipe 3e8 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 6336 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3a8 -InterruptEvent 0 -NGENProcess 3b4 -Pipe 280 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7492 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 38c -InterruptEvent 0 -NGENProcess 3a4 -Pipe 370 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 3576 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b8 -InterruptEvent 0 -NGENProcess 3d0 -Pipe 3c4 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7944 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b8 -InterruptEvent 0 -NGENProcess 3e4 -Pipe 3e0 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7360 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3ac -InterruptEvent 0 -NGENProcess 3ec -Pipe 3c0 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 2916 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b8 -InterruptEvent 0 -NGENProcess 3a8 -Pipe 3c8 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 2928 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d0 -InterruptEvent 0 -NGENProcess 3e4 -Pipe 3ec -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 6812 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 3bc -Pipe 3b8 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7048 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 390 -InterruptEvent 0 -NGENProcess 3d8 -Pipe 3a0 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 5208 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 3ac -Pipe 3d4 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7240 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 390 -InterruptEvent 0 -NGENProcess 3d8 -Pipe 3b8 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 2908 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3e4 -InterruptEvent 0 -NGENProcess 3d0 -Pipe 388 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 3920 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 38c -InterruptEvent 0 -NGENProcess 3d8 -Pipe 3e4 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
          • conhost.exe (PID: 7508 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • ngen.exe (PID: 7284 cmdline: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" install "C:\Users\user\AppData\Local\Programs\Fiddler\EnableLoopback.exe" MD5: B6C3FE33B436E5006514403824F17C66)
        • conhost.exe (PID: 7328 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • mscorsvw.exe (PID: 6332 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 1d4 -InterruptEvent 0 -NGENProcess 1c4 -Pipe 1d0 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 4524 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2a4 -InterruptEvent 0 -NGENProcess 298 -Pipe 2a0 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7748 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2c0 -InterruptEvent 0 -NGENProcess 268 -Pipe 2bc -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7216 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2b4 -InterruptEvent 0 -NGENProcess 2a8 -Pipe 2b0 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 5204 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 260 -InterruptEvent 0 -NGENProcess 264 -Pipe 26c -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 7236 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2c8 -InterruptEvent 0 -NGENProcess 300 -Pipe 334 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
        • mscorsvw.exe (PID: 5932 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 270 -InterruptEvent 0 -NGENProcess 2b8 -Pipe 2c0 -Comment "NGen Worker Process" MD5: 412A3FB0C25743DA59375C1E298933EA)
      • SetupHelper (PID: 7296 cmdline: "C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper" /a "C:\Users\user\AppData\Local\Programs\Fiddler" MD5: 1289DC21A51FB89E685FA4C91764C00E)
        • conhost.exe (PID: 7312 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • chrome.exe (PID: 7596 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://fiddler2.com/r/?Fiddler2FirstRun MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
        • chrome.exe (PID: 7880 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2660 --field-trial-handle=2244,i,18061082204408847072,8654867018620333004,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
zgRATzgRAT is a Remote Access Trojan malware which sometimes drops other malware such as AgentTesla malware. zgRAT has an inforstealer use which targets browser information and cryptowallets.Usually spreads by USB or phishing emails with -zip/-lnk/.bat/.xlsx attachments and so on.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.zgrat

Malware Configuration

No configs have been found

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\netstandard.dllJoeSecurity_GenericDownloader_1Yara detected Generic DownloaderJoe Security
    C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exeJoeSecurity_zgRAT_1Yara detected zgRATJoe Security
      C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exeJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security
        C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exeMALWARE_Win_zgRATDetects zgRATditekSHen
        • 0x2c0fc2:$s1: file:///
        • 0x2c0ef8:$s2: {11111-22222-10009-11112}
        • 0x2c0f52:$s3: {11111-22222-50001-00000}
        • 0x2be423:$s4: get_Module
        • 0x29851a:$s5: Reverse
        • 0x2812e9:$s6: BlockCopy
        • 0x28a2ad:$s7: ReadByte
        • 0x2c0fd4:$s8: 4C 00 6F 00 63 00 61 00 74 00 69 00 6F 00 6E 00 00 0B 46 00 69 00 6E 00 64 00 20 00 00 13 52 00 65 00 73 00 6F 00 75 00 72 00 63 00 65 00 41 00 00 11 56 00 69 00 72 00 74 00 75 00 61 00 6C 00 ...
        C:\Users\user\AppData\Local\Temp\nsoE58F.tmpJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security

          Unpacked PEs

          SourceRuleDescriptionAuthorStrings
          3.2.FiddlerSetup.exe.2ccf202.15.raw.unpackJoeSecurity_GenericDownloader_1Yara detected Generic DownloaderJoe Security
            3.2.FiddlerSetup.exe.2af94ae.11.raw.unpackJoeSecurity_GenericDownloader_1Yara detected Generic DownloaderJoe Security
              3.2.FiddlerSetup.exe.2adb956.10.raw.unpackJoeSecurity_GenericDownloader_1Yara detected Generic DownloaderJoe Security

                Sigma Signatures

                System Summary

                barindex
                Sigma detected: Execution of Suspicious File Type Extension
                Source: Process startedAuthor: Max Altgelt (Nextron Systems): Data: Command: "C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper" /a "C:\Users\user\AppData\Local\Programs\Fiddler", CommandLine: "C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper" /a "C:\Users\user\AppData\Local\Programs\Fiddler", CommandLine|base64offset|contains: , Image: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper, NewProcessName: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper, OriginalFileName: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper, ParentCommandLine: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=, ParentImage: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe, ParentProcessId: 6724, ParentProcessName: FiddlerSetup.exe, ProcessCommandLine: "C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper" /a "C:\Users\user\AppData\Local\Programs\Fiddler", ProcessId: 7296, ProcessName: SetupHelper
                Sigma detected: Use Short Name Path in Command Line
                Source: Process startedAuthor: frack113, Nasreddine Bencherchali: Data: Command: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=, CommandLine: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=, CommandLine|base64offset|contains: , Image: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe, NewProcessName: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe, OriginalFileName: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe, ParentCommandLine: "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe", ParentImage: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe, ParentProcessId: 2632, ParentProcessName: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe, ProcessCommandLine: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=, ProcessId: 6724, ProcessName: FiddlerSetup.exe
                Sigma detected: Modification of IE Registry Settings
                Source: Registry Key setAuthor: frack113: Data: Details: 1, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe, ProcessId: 6724, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1

                Snort Signatures

                No Snort rule has matched

                Joe Sandbox Signatures

                Click to jump to signature section

                Show All Signature Results
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\ExecAction.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\FSE2.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\Brotli.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\uninst.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\dwebp.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\Zopfli.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\ForceCPU.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\TrustCert.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\EnableLoopback.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\JXR2PNG.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\makecert.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\PngDistill.exeJump to behavior
                Source: about:srcdocHTTP Parser: No favicon
                Source: about:srcdocHTTP Parser: No favicon
                Source: https://td.doubleclick.net/td/rul/975652292?random=1713914991222&cv=11&fst=1713914991222&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0HTTP Parser: No favicon
                Source: https://td.doubleclick.net/td/rul/975652292?random=1713914999207&cv=11&fst=1713914999207&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0HTTP Parser: No favicon
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeRegistry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION Fiddler.exeJump to behavior

                Compliance

                barindex
                EXE planting / hijacking vulnerabilities found
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\ExecAction.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\FSE2.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\Brotli.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\uninst.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\dwebp.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\Zopfli.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\ForceCPU.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\TrustCert.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\EnableLoopback.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\JXR2PNG.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\makecert.exeJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeEXE: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\PngDistill.exeJump to behavior
                Uses 32bit PE files
                Source: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
                Creates a software uninstall entry
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeRegistry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fiddler2Jump to behavior
                Creates install or setup log file
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperFile created: C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SetupHelper.logJump to behavior
                Creates license or readme file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\license.txtJump to behavior
                PE / OLE file has a valid certificate
                Source: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeStatic PE information: certificate valid
                Uses secure TLS version for HTTPS connections
                Source: unknownHTTPS traffic detected: 23.1.102.27:443 -> 192.168.2.7:49757 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.7:49764 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 23.1.102.27:443 -> 192.168.2.7:49776 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.7:49958 version: TLS 1.2
                Contains modern PE file flags such as dynamic base (ASLR) or NX
                Source: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                Binary contains paths to debug symbols
                Source: Binary string: Extract: Fiddler.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: C:\src\GitHub\fiddler\Fiddler2\Common\ExecAction\v4\obj\x86\Release\ExecAction.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\RulesTab2\obj\Release Signed\RulesTab2.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000029A6000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: Extract: SimpleFilter.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005F8000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\SimpleFilter\obj\Release Signed\SimpleFilter.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Data.SqlXml.ni.pdb source: System.Data.SqlXml.dll.29.dr
                Source: Binary string: C:\Jenkins\NetworkConnections_Release\workspace\src\Telerik.NetworkConnections\Telerik.NetworkConnections.Windows\obj\Release\net40\Telerik.NetworkConnections.Windows.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: C:\Jenkins\NetworkConnections_Release\workspace\src\Telerik.NetworkConnections\Telerik.NetworkConnections\obj\Release\net40\Telerik.NetworkConnections.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Telerik.NetworkConnections.dll.3.dr
                Source: Binary string: \ScriptEditorFSE2.exe.configBasicFormats.dllBasicFormats.pdbVSWebTestExport.dllVSWebTestExport.pdbWarning: Failed to write one or more files. source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: Extract: BasicFormats.pdbu source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005F8000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Drawing.Design.ni.pdb source: System.Drawing.Design.dll.42.dr
                Source: Binary string: Extract: EnableLoopback.pdb2A source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: F:\Projects\Dot.NET\SVN\Editor.NET\source\obj\Release\QWhale.Syntax.Schemes.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.Schemes.dll.3.dr
                Source: Binary string: ler\Analytics.pdb\*.* source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: D:\telerik\fiddler\ThirdParty\zopfli\Release\Zopfli.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: F:\Projects\Dot.NET\SVN\Editor.NET\source\obj\Release\QWhale.Syntax.Parsers.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000029A6000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.Parsers.dll0.3.dr
                Source: Binary string: \??\C:\Users\user\AppData\Local\Programs\Fiddler\ImportExport\VSWebTestExport.pdb\*.* source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000061A000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Numerics.ni.pdb source: System.Numerics.dll.75.dr
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\PngDistill\obj\Release Signed\PngDistill.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\EnableLoopback\obj\Release Signed\EnableLoopback.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, EnableLoopback.exe.72.dr
                Source: Binary string: System.Deployment.ni.pdb source: System.Deployment.dll.31.dr
                Source: Binary string: \Tools\PngDistill.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: System.Runtime.Serialization.Formatters.Soap.ni.pdbRSDS source: System.Runtime.Serialization.Formatters.Soap.dll.77.dr
                Source: Binary string: Extract: FiddlerOrchestra.Addon.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: \ScriptEditor\Analytics.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: System.Runtime.Caching.ni.pdbRSDS source: System.Runtime.Caching.dll.37.dr
                Source: Binary string: \ImportExport\VSWebTestExport.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: \UpdateFiddler.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: \ImportExport\BasicFormats.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: \Scripts\FiddlerOrchestra.Addon.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: -: Completederik Fiddler Classicemp\nsx8D7.tmp\System.dll, 0) .r9lerxport.pdb\*.**.*kConnections.Windows.dll\*.*" action=allow profile=any dir=in edge=deferuser protocol=tcp description="Permit inbound connections to Fiddler" source: FiddlerSetup.exe, 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: Extract: TrustCert.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: Extract: Timeline.pdbI source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005F8000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: Local\.dll.pdb source: System.Web.dll.35.dr
                Source: Binary string: C:\projects\dotnetzip-semverd\src\Zip\obj\Release\DotNetZip.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: Extract: PngDistill.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005F8000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: C:\JenkinsHome\jobs\AnalyticsReleaseBuild\workspace\Telerik.FJ.Analytics\GA.Analytics.Monitor\obj\Release\GA.Analytics.Monitor.pdbg source: GA.Analytics.Monitor.dll0.3.dr
                Source: Binary string: System.ServiceModel.Internals.ni.pdbRSDS source: System.ServiceModel.Internals.dll.46.dr
                Source: Binary string: System.Numerics.ni.pdbRSDSautg source: System.Numerics.dll.75.dr
                Source: Binary string: *?|<>/":%s%S.dllCallers\user~1\AppData\Local\Temp\nsx8D7.tmp\System.dllort\VSWebTestExport.pdb\*.**.*kConnections.Windows.dll\*.*C:\Users\user~1\AppData\Local\Temp\nsx8D7.tmp\System.dll2t\VSWebTestExport.pdbdlltworkConnections.Windows.dllFalsers\user~1\AppData\Local\Temp\nsx8D7.tmpr/tasks/configurefiddler.exe"ppData\Local\Programs\Fiddler\Fiddler.exe" action=allow profile=any dir=in edge=deferuser protocol=tcp description="Permit inbound connections to Fiddler"Trueers\user~1\AppData\Local\Temp\nsx8D7.tmp\System.dlltor\FSE2.exe source: FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: Qcddler.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000061A000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Drawing.Design.pdb source: System.Drawing.Design.dll.42.dr
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\Timeline\obj\Release Signed\Timeline.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmp, Timeline.dll.3.dr
                Source: Binary string: FiddlerOrchestra.Protocol.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp, FiddlerOrchestra.Protocol.dll.3.dr
                Source: Binary string: System.Numerics.pdb source: System.Numerics.dll.75.dr
                Source: Binary string: SWebTestExport.pdbllx source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000064A000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\BasicFormats\obj\Release Signed\BasicFormats.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: FiddlerOrchestra.Protocol.pdbSHA256q source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp, FiddlerOrchestra.Protocol.dll.3.dr
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler\FiddlerOrchestra\FiddlerOrchestra.Addon\obj\Release\FiddlerOrchestra.Addon.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: EnableLoopback.ni.pdbRSDS source: EnableLoopback.exe.72.dr
                Source: Binary string: System.ServiceModel.Internals.pdb source: System.ServiceModel.Internals.dll.46.dr
                Source: Binary string: \Analytics.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: System.Data.SqlXml.ni.pdbRSDS2 source: System.Data.SqlXml.dll.29.dr
                Source: Binary string: C:\Development\Releases\Json\Working\Newtonsoft.Json\Working-Signed\Src\Newtonsoft.Json\obj\Release\net45\Newtonsoft.Json.pdb source: Newtonsoft.Json.dll.3.dr
                Source: Binary string: System.EnterpriseServices.Wrapper.ni.pdb source: System.EnterpriseServices.Wrapper.dll.36.dr
                Source: Binary string: Extract: Analytics.pdbb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005F8000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Runtime.Caching.pdb source: System.Runtime.Caching.dll.37.dr
                Source: Binary string: \Scripts\Timeline.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: System.ServiceModel.Internals.ni.pdb source: System.ServiceModel.Internals.dll.46.dr
                Source: Binary string: \ScriptEditor\GA.Analytics.Monitor.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: F:\Projects\Dot.NET\SVN\Editor.NET\source\obj\Release\QWhale.Syntax.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.dll.3.dr
                Source: Binary string: Extract: Analytics.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: Fiddler.pdb source: Fiddler.exe.3.dr
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\VSWebTestExport\obj\Release Signed\VSWebTestExport.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.EnterpriseServices.Wrapper.ni.pdbRSDS source: System.EnterpriseServices.Wrapper.dll.36.dr
                Source: Binary string: \GA.Analytics.Monitor.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: F:\Projects\Dot.NET\SVN\Editor.NET\source\obj\Release\QWhale.Editor.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmp, QWhale.Editor.dll1.3.dr
                Source: Binary string: \REGISTRY\USER\S-1-5-21-2246122658-3693405117-2476756634-1003port\VSWebTestExport.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: \??\C:\Users\user\AppData\Local\Programs\Fiddler\ImportExport\VSWebTestExport.pdb\*.*Ii source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000061A000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.EnterpriseServices.Wrapper.pdb source: System.EnterpriseServices.Wrapper.dll.36.dr
                Source: Binary string: \Fiddler.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: Would you like to go download manually now?https://fiddler2.com/r/?GetDotNet4open https://fiddler2.com/r/?GetDotNet4Compatible .NET Framework/Service Pack found.Installing Progress Telerik Fiddler Classic2500Fiddler.exe.configFiddler.pdbSetupHelperTrustCert.exeTrustCert.pdbInstalling Dependencies... source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: \EnableLoopback.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: FiddlerOrchestra.Connection.pdbSHA256' source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: \TrustCert.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: C:\JenkinsHome\jobs\AnalyticsReleaseBuild\workspace\Telerik.FJ.Analytics\GA.Analytics.Monitor\obj\Release\GA.Analytics.Monitor.pdb source: GA.Analytics.Monitor.dll0.3.dr
                Source: Binary string: \Inspectors\Be.Windows.Forms.HexBox.dllAnalytics.dllAnalytics.pdbGA.Analytics.Monitor.dllGA.Analytics.Monitor.pdbNewtonsoft.Json.dllDotNetZip.dll source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Deployment.ni.pdbRSDS source: System.Deployment.dll.31.dr
                Source: Binary string: F:\Projects\Dot.NET\SVN\Editor.NET\source\obj\Release\QWhale.Common.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmp, QWhale.Common.dll.3.dr, QWhale.Common.dll0.3.dr
                Source: Binary string: EnableLoopback.ni.pdb source: EnableLoopback.exe.72.dr
                Source: Binary string: FiddlerOrchestra.Utilities.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp, FiddlerOrchestra.Utilities.dll.3.dr
                Source: Binary string: System.Deployment.pdb source: System.Deployment.dll.31.dr
                Source: Binary string: EnableLoopback.exeEnableLoopback.pdbApp.icoCountdown.wavLoadScript.wavLoadScriptError.wavNOTICES.txtScreenshot.wavcredits.txtsaz.ico source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: Extract: GA.Analytics.Monitor.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Runtime.Serialization.Formatters.Soap.pdb source: System.Runtime.Serialization.Formatters.Soap.dll.77.dr
                Source: Binary string: System.Drawing.Design.ni.pdbRSDS source: System.Drawing.Design.dll.42.dr
                Source: Binary string: MakeCert.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: c:\src\JPEGXR2PNG\JPEGXR2PNG\obj\Release\JXR2PNG.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.dr
                Source: Binary string: FiddlerOrchestra.Connection.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Data.SqlXml.pdb source: System.Data.SqlXml.dll.29.dr
                Source: Binary string: \ToolsPngDistill.exePngDistill.pdbInstalling FiddlerExtensions...SimpleFilter.dllSimpleFilter.pdbTimeline.dllTimeline.pdbRulesTab2.dllQWhale.Syntax.Parsers.dllInstalling Fiddler Orchestra addon...FiddlerOrchestra.Addon.dllFiddlerOrchestra.Addon.pdbFiddlerOrchestra.Connection.dllFiddlerOrchestra.Protocol.dllFiddlerOrchestra.Utilities.dllnetstandard.dll source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Runtime.Caching.ni.pdb source: System.Runtime.Caching.dll.37.dr
                Source: Binary string: Extract: VSWebTestExport.pdb1 source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005F8000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: \Scripts\SimpleFilter.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: FiddlerOrchestra.Utilities.pdbSHA256 source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp, FiddlerOrchestra.Utilities.dll.3.dr
                Source: Binary string: System.Runtime.Serialization.Formatters.Soap.ni.pdb source: System.Runtime.Serialization.Formatters.Soap.dll.77.dr
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\BasicFormats\obj\Release Signed\BasicFormats.pdbl source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: \??\C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\GA.Analytics.Monitor.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000061A000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\Fiddler.SetupHelper\obj\Release Signed\Fiddler.SetupHelper.pdb source: SetupHelper, 00000013.00000000.1360771425.0000000000772000.00000002.00000001.01000000.0000000A.sdmp, SetupHelper.3.dr
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeCode function: 1_2_0040687E FindFirstFileW,FindClose,1_2_0040687E
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeCode function: 1_2_00405C2D GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose,1_2_00405C2D
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeCode function: 1_2_00402910 FindFirstFileW,1_2_00402910
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeCode function: 3_2_00402910 FindFirstFileW,3_2_00402910
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeCode function: 3_2_004069DF FindFirstFileW,FindClose,3_2_004069DF
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeCode function: 3_2_00405D8E CloseHandle,GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose,3_2_00405D8E
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile opened: C:\Users\userJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile opened: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditorJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile opened: C:\Users\user\AppData\Local\ProgramsJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile opened: C:\Users\user\AppData\LocalJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile opened: C:\Users\user\AppData\Local\Programs\FiddlerJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile opened: C:\Users\user\AppDataJump to behavior

                Networking

                barindex
                Yara detected Generic Downloader
                Source: Yara matchFile source: 3.2.FiddlerSetup.exe.2ccf202.15.raw.unpack, type: UNPACKEDPE
                Source: Yara matchFile source: 3.2.FiddlerSetup.exe.2af94ae.11.raw.unpack, type: UNPACKEDPE
                Source: Yara matchFile source: 3.2.FiddlerSetup.exe.2adb956.10.raw.unpack, type: UNPACKEDPE
                Source: Yara matchFile source: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\netstandard.dll, type: DROPPED
                Source: unknownNetwork traffic detected: DNS query count 42
                Source: QWhale.Syntax.Parsers.dll0.3.drBinary string: http://www.microsoft.com/downloads/details.aspx?familyide5b8ebc2-6ad6-49f0-8c90-e4f763e3f04famp;displaylangen - obfuscation quality: 4
                Source: Joe Sandbox ViewIP Address: 18.65.25.57 18.65.25.57
                Source: Joe Sandbox ViewIP Address: 104.18.32.137 104.18.32.137
                Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
                Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
                Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
                Source: unknownTCP traffic detected without corresponding DNS query: 20.50.201.200
                Source: unknownTCP traffic detected without corresponding DNS query: 20.50.201.200
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 20.50.201.200
                Source: unknownTCP traffic detected without corresponding DNS query: 20.50.201.200
                Source: unknownTCP traffic detected without corresponding DNS query: 20.50.201.200
                Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
                Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
                Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
                Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 20.50.201.200
                Source: unknownTCP traffic detected without corresponding DNS query: 20.50.201.200
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 23.1.102.27
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
                Source: global trafficHTTP traffic detected: GET /download/fiddler/first-run HTTP/1.1Host: www.telerik.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /WebResource.axd?d=DzHrpQl5URXarFHAtrmzFsPwWIExaUeLHf3gTuslFxiRsjc9gU89IWbLw9lFnSTXl5qZVz-0iBHHB3aQBiGWPYzKfk3ndhT8iH1RSf_M6Sk7X3EWbQzPMVpb-rxAUHFQlncyLjOo3RP6E9HfRXn18roSCYCGCRaVqv9jyNWgJTH95Urh0&t=638477158040000000 HTTP/1.1Host: www.telerik.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/download/fiddler/first-runAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /WebResource.axd?d=HtQyXelCu6mzSPcVcvK_BiMPfgaXcXtBpU_p4oPRWdaaTkgqeBOpXuu1TRv9pAGD-FAzjGGeBeqirrj8SJpv3YU7eO6rv9kziBqvktqcdZzC15nZHrag4kg_mMMtSYLloBTL1HIRNuD4Iepyub_zCpOjm9RyH4DXkI1YDpCN_mnfRNsYUjpSNKzgKVak4AN3FQYzZOcP1Z4PmfVVfM_48qg3YrI1&t=638477158040000000 HTTP/1.1Host: www.telerik.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/download/fiddler/first-runAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /WebResource.axd?d=wnB2OjhYopty-dCFa4b2kKCIWGgLoaj0QQ4I7F_PiSysmtqnVBUtsGpmlAymZDgXEXdRjhe5BdfNkuyybLSHMhRnbzI9oh6WXC-y-EwOrJPY0qCvfWaOo0ltV4TVm8apzRlzF5O244Y4u7-m5V8Vv2yC1Tun7PurVRoOxfv28sPwY-isOJNAi7MSqc1tycGYAkqZXHU_zlVNorSTBDv4W4jemDM1&t=638477158040000000 HTTP/1.1Host: www.telerik.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/download/fiddler/first-runAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /consent/3dfce4f2-dab6-4128-9f33-df7e0597da82/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /WebResource.axd?d=NjxTqR2bqTw1rewxxlkHPoKtHrXAWC0HAaoiA_KkRcUyXkV02CSw2viy3BbwqQQWnOeUM4JljOrJ6SdN8P6xkcmc02D5IE0_hoR3ujKOHMUMV0D80Ax-2HQgUBn3JFGVcQMIptO-sbrJg4UhPcfKleFkBd3KXta5g771qRLz1--cqQWHZet4VERXE7zwP_V-_reX4bmQVhWS6yxLXOsj2Tnqll01&t=638477158040000000 HTTP/1.1Host: www.telerik.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/download/fiddler/first-runAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /fonts/2.2.7/metric/Metric-Light.woff2 HTTP/1.1Host: d6vtbcy3ong79.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.telerik.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /fonts/2.2.7/metric/Metric-Medium.woff2 HTTP/1.1Host: d6vtbcy3ong79.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.telerik.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /ajax/libs/jquery-migrate/3.4.1/jquery-migrate.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /fonts/2.2.7/metric/Metric-Regular.woff2 HTTP/1.1Host: d6vtbcy3ong79.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.telerik.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /cache/b6ce06a57a51347c21d7af30873baa8620408fd6/telerik/css/style.css HTTP/1.1Host: dtzbdy9anri2p.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /fonts/2.2.7/metric/Metric-Semibold.woff2 HTTP/1.1Host: d6vtbcy3ong79.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.telerik.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /telerik-navigation/3.5.25/js/index.min.mjs HTTP/1.1Host: d6vtbcy3ong79.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.telerik.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /fonts/2.2.7/css/metric.min.css HTTP/1.1Host: d6vtbcy3ong79.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /telerik-navigation/3.5.25/css/index.min.css HTTP/1.1Host: d6vtbcy3ong79.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /cache/b3485d7dde1ec57a3915d1079237c8c34a5198c1/telerik/js/dist/polyfills.min.js HTTP/1.1Host: dtzbdy9anri2p.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /cache/4666b7b10226b39c77768062c69b31c53897f9d3/telerik/js/dist/all.min.js HTTP/1.1Host: dtzbdy9anri2p.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /consent/3dfce4f2-dab6-4128-9f33-df7e0597da82/3dfce4f2-dab6-4128-9f33-df7e0597da82.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.telerik.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /webapi/Announcements/GetPromo?url=https://www.telerik.com/download/fiddler/first-run HTTP/1.1Host: www.telerik.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/download/fiddler/first-runAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /sdk/sitefinity-insight-client.min.3.1.13.js HTTP/1.1Host: cdn.insight.sitefinity.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.telerik.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /cache/b6ce06a57a51347c21d7af30873baa8620408fd6/telerik/iconfont/tlrk-icon-font-dc6cff9dd8.woff2 HTTP/1.1Host: dtzbdy9anri2p.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.telerik.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://dtzbdy9anri2p.cloudfront.net/cache/b6ce06a57a51347c21d7af30873baa8620408fd6/telerik/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /Frontend-Assembly/Web.SitefinityExtensions.EloquaConnector/Scripts/BrowserSessionStorage.min.js?package=PureMvc&v=Q2NzWmRUZmg5UHpIS3RyRDhtYkJmUT09 HTTP/1.1Host: d585tldpucybw.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /Frontend-Assembly/Web.SitefinityExtensions.EloquaConnector/Scripts/SetBrowserSessionStorage.min.js?package=PureMvc&v=ZGx1bUU2RnZ6Tmd0d21DTm10M2ZHUT09) HTTP/1.1Host: d585tldpucybw.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /RestApi/personalizations/render?pageNodeId=5ceb4be1-05bd-4c69-892a-2c2bbd37538b&pageDataId=1f960fad-aef2-4475-8978-52fb7a29dbc9&pageNodeKey=5CEB4BE1-05BD-4C69-892A-2C2BBD37538B/b31ca85c-a1c5-4a9d-8b5d-e7b0736a8b16/SitefinitySiteMap&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&controls=09f9bb4f-5990-40af-b361-7849c73c9604_1,0cd3f511-e7d9-4e23-8773-26005ae09893_1,25637a62-a321-49a0-8b7e-5962dc977e95_1,6b5ac4dc-8fd0-4043-bd0a-e9ffd31e3bc8_1&correlationId=lvd0q0oezinv502q4f HTTP/1.1Host: www.telerik.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0SF_NO_URL_REFERER: trueUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-type: application/json; charset=utf-8Accept: application/jsonX-Requested-With: XMLHttpRequestsec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/download/fiddler/first-runAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.telerik.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /scripttemplates/202401.2.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /sfimages/default-source/productsimages/kendo-ui-complete/kendoka_icon.png?sfvrsn=922435fb_2 HTTP/1.1Host: www.telerik.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/download/fiddler/first-runAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /c/hotjar-66905.js?sv=7 HTTP/1.1Host: static.hotjar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /sxp/i/940047942047f9f048d2c1e1f6b78492.js HTTP/1.1Host: euob.ytwohlcq.telerik.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2
                Source: global trafficHTTP traffic detected: GET /consent/3dfce4f2-dab6-4128-9f33-df7e0597da82/8b69118b-3606-49f3-8c41-2718141b484d/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.telerik.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /web-vitals/dist/web-vitals.iife.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /web-vitals@3.5.2/dist/web-vitals.iife.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /scripttemplates/202401.2.0/assets/otFlat.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.telerik.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /scripttemplates/202401.2.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.telerik.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /modules.588629dd3c10b20ab52d.js HTTP/1.1Host: script.hotjar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /visitor/v200/svrGP?pps=3&siteid=1325&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref2=elqNone&tzo=-60&ms=762&optin=disabled HTTP/1.1Host: s1325.t.eloqua.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /td/ga/rul?tid=G-9JSNBCSF54&gacid=925834404.1713914987&gtm=45je44m0v9167661709z8536291za200&dma=0&gcs=G111&gcd=13v3v3v3v5&npa=0&pscdl=noapi&aip=1&fledge=1&z=1283479480 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /visitor/v200/svrGP.aspx?pps=3&siteid=1325&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref2=elqNone&tzo=-60&ms=762&optin=disabled&elqCookie=1 HTTP/1.1Host: s1325.t.eloqua.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ELOQUA=GUID=A19FC9146C534783A26EBA38F50B2A88; ELQSTATUS=OK
                Source: global trafficHTTP traffic detected: GET /external-assets/1.0.22/utils/store-lead-data.min.js HTTP/1.1Host: d6vtbcy3ong79.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111455-1&cid=925834404.1713914987&jid=1541579741&_u=aGBAiEABBAAAAGAFKC~&z=803182535 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111455-74&cid=925834404.1713914987&jid=629508174&_u=aGDAiEABBAAAAGAFKC~&z=33840365 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /ki.js/24100/4Nr.js HTTP/1.1Host: cl.qualaroo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
                Source: global trafficHTTP traffic detected: GET /ct?id=37678&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&sf=0&tpi=&ch=Telerik&uvid=&tsf=0&tsfmi=&tsfu=&cb=1713914987738&hl=1&op=0&ag=300509663&rand=949911591996670929250675522207660181220029557281702027707682202129158111898882021890&fs=1034x870&fst=1034x870&np=win32&nv=google%20inc.&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDEyMTddLFsiYm5jaCIsNV0sWyJhYm5jaCIsNV0sWy0xNSwiLSJdLFstMzQsIi0iXSxbLTUyLCItIl0sWy0yNywiWzQwMCwxLjUsMCxcIjNnXCIsbnVsbF0iXSxbLTEyLCJudWxsIl0sWy0yMSwiLSJdLFstMTgsIlswLDAsMCwxXSJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiZ29vZ2xlIGluYy4gKGdvb2dsZSlcIixcInJcIjpcImFuZ2xlIChnb29nbGUsIHZ1bGthbiAxLjMuMCAoc3dpZnRzaGFkZXIgZGV2aWNlIChzdWJ6ZXJvKSAoMHgwMDAwYzBkZSkpLCBzd2lmdHNoYWRlciBkcml2ZXIpXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjE0LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MzY5ODUxODcxMCxcInNlY1wiOlwiXCJ9Il0sWy00MiwiMTcyNDI5NzY1MyJdLFstMzUsIlsxNzEzOTE0OTg3NDE2LC0yXSJdLFstMjgsImVuLVVTLGVuIl0sWy0xMywiLSJdLFstMjUsIi0iXSxbLTY2LCJnZW9sb2NhdGlvbixzdG9yYWdlYWNjZXNzLGdhbWVwYWQsY2hlY3QsbWlkaSxkaXNwbGF5Y2FwdHVyZSx1c2IsYnJvd3Npbmd0b3BpY3MsbG9jYWxmb250cyxwaWN0dXJlaW5waWN0dXJlLGpvaW5hZGludGVyZXN0Z3JvdXAscHVibGlja2V5Y3JlZGVudGlhbHNnZXQsb3RwY3JlZGVudGlhbHMsY2h1YWZvcm1mYWN0b3IsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxzaGFyZWRzdG9yYWdlLGNoZG93bmxpbmssY2hwcmVmZXJzY29sb3JzY2hlbWUsc3luY3hocixjaHVhbW9kZWwsc2VyaWFsLGNhbWVyYSxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsYmx1ZXRvb3RoLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsdW5sb2FkLGtleWJvYXJkbWFwLGNodWFwbGF0Zm9ybSxzaGFyZWRzdG9yYWdlc2VsZWN0dXJsLGd5cm9zY29wZSxpbnRlcmVzdGNvaG9ydCx3aW5kb3dwbGFjZW1lbnQsY2h1YW1vYmlsZSxjaHVhLHJ1bmFkYXVjdGlvbixtYWduZXRvbWV0ZXIsYWNjZWxlcm9tZXRlcixwcml2YXRlc3RhdGV0b2tlbnJlZGVtcHRpb24sY2h1YWFyY2gseHJzcGF0aWFsdHJhY2tpbmcsaWRsZWRldGVjdGlvbixjaHVhcGxhdGZvcm12ZXJzaW9uLGNod2lkdGgsY2xpcGJvYXJkcmVhZCxjaHZpZXdwb3J0d2lkdGgscGF5bWVudCxjaHZpZXdwb3J0aGVpZ2h0LGNocnR0LGF1dG9wbGF5LGNyb3Nzb3JpZ2luaXNvbGF0ZWQsaGlkLGNodWFiaXRuZXNzLHNjcmVlbndha2Vsb2NrLHByaXZhdGVhZ2dyZWdhdGlvbixjbGlwYm9hcmR3cml0ZSxhdHRyaWJ1dGlvbnJlcG9ydGluZyxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy0yMywiKyJdLFstNTAsIi0iXSxbLTQ3LCJFdXJvcGUvWnVyaWNoLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstMjksIi0iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTYsIi0iXSxbLTEwLCItIl0sWy0yNiwie1widGpoc1wiOjE0MzQ3NTY3LFwidWpoc1wiOjEwNTQ3NDIzLFwiamhzbFwiOjIxNzI2NDk0NzJ9Il0sWy0zNywiLTEwOS02Ni03MC0iXSxbLTksIisiXSxbLTIwLCI5MjU4MzQ0MDQuMTcxMzkxNDk4NyJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDksIi0iXSxbLTYwLCItIl0sWy0zMiwiLSJdLFstNDUsIi0iXSxbLTYxLCJ7XCJ3Z3N
                Source: global trafficHTTP traffic detected: GET /visitor/v200/svrGP?pps=70&siteid=1325 HTTP/1.1Host: s1325.t.eloqua.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ELOQUA=GUID=A19FC9146C534783A26EBA38F50B2A88; ELQSTATUS=OK
                Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=dswWbrh3M+huW3O&MD=8amD1xGW HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
                Source: global trafficHTTP traffic detected: GET /pagead/landing?gcs=G111&gcd=13v3v3v3v5&rnd=71549082.1713914988&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&dma=0&npa=0&gtm=45je44m0v9167661709z8536291za200&auid=571138784.1713914988 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
                Source: global trafficHTTP traffic detected: GET /td/rul/975652292?random=1713914991222&cv=11&fst=1713914991222&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
                Source: global trafficHTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /pagead/viewthroughconversion/975652292/?label=p4zxCNq_8IkYEMSLndED&guid=ON&script=0&ct_cookie_present=false&random=410509906&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQIiAQFAAQ&pscrd=CLnc9JHh-P76OCITCIaknPO-2YUDFcT8_QUdYDUDfjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhhodHRwczovL3d3dy50ZWxlcmlrLmNvbS8 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                Source: global trafficHTTP traffic detected: GET /signals/config/1444093252502226?v=2.9.154&r=stable&domain=www.telerik.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /tracker/tc_imp.gif?e=37dfbd8ee84e00126bedce34ee4e839f9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37950aa2084ba5f7ff35b7b1a2d18c8c9077af562b7818fbd1910fa0a9fc95df820da75c45b956279f02b01f2040e0228d2595fe69fe0a100ba2f965f980cf64d766dbad1276140023df819958d45a95f60e8e4e47116253bc6f57662d4dd09012b4576190bb98e32606d64f5ac183bd5b4f02d97fe58740f30b9e4f0d58a7dacd5880bbf51ca5c6b369cbcc8bcf630c48db3639e335bd8f9cb284c1fa3616daa820876b08de97e8a03fa42ae965d8013d9c56d9c7c71d6da2dc77ad795afedcbbabf4c68af74a8e8a5744e60e3943dcceb13e75a1058830906d092cecccaec9426873ac792f5c638e87b3b6cd7366b8493925f2adca82bf853b5c11fd837ae3d1a0b63fd76f14ddc87f62cf6c72fc45cbfd9929b77895d437ded59041326093e89ec62be058c8cb123ab9975f6996c94c2e5fd6984b5e4496d7384a90604d7f7471a07f7cdec3ff164de9308fdea3cbb7ea5399657d014d3b63dc01b24edaf966f3738721f385d0e64f6b8d932967be357445134eaa85d9dc40a0695b9dfbabc6cdeece4fc84f0b3f04b4f3ffb5b87b6596d855f6607ca605b7570eb7daf7674def99526d334c52f99aa32ccbf0c9a720e25290a7b0dd884998d5a3c0df3111e90d58de2d68041198cf3f824c2dd7969d9cc133b68fa98d85228bf209b1fe873aa4bce72a4ba14acba6e93efedc0845526aab96f718864a793b1ac179f6535120c9c6f5d30cad23be79a628bf9c69020ce8e86641c2b55fc7dfd17a03edf9d7bd4761a334b3a616db50bcad04f0aea3e84feaa6bbb9a1ad52b2dbd1b7e308dbc844848e470f58e10da1b234017ed292683b3c52896027c888f10bdcd9da2c250d05d49304ab12474409691104ee57fb4ab833f85d0f01c023ff128320204d30501a58be41916947e638ad4fe01bb88e59c027be467a90d3c07900d7632&cri=aUHD7PzVvl&ts=3552&cb=1713914991290 HTTP/1.1Host: obseu.ytwohlcq.telerik.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A49+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=0&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&gr
                Source: global trafficHTTP traffic detected: GET /pagead/viewthroughconversion/975652292/?random=1608824865&cv=11&fst=1713914991222&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAiIBAUABSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZWIECgICAw&pscrd=CM734vW9jPGD2wEiEwiYjafzvtmFAxXI27gIHex4DsMyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzoYaHR0cHM6Ly93d3cudGVsZXJpay5jb20v HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                Source: global trafficHTTP traffic detected: GET /pagead/1p-conversion/975652292/?label=p4zxCNq_8IkYEMSLndED&guid=ON&script=0&ct_cookie_present=false&random=410509906&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQIiAQFAAQ&pscrd=CLnc9JHh-P76OCITCIaknPO-2YUDFcT8_QUdYDUDfjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhhodHRwczovL3d3dy50ZWxlcmlrLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqm_2Y7mhgr_4TT706Z25qzJIIuEtEWsQVeg8mFAIyjSrn8yEj&random=4068442111 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /tag/uet/223000243 HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /pagead/1p-conversion/975652292/?random=1608824865&cv=11&fst=1713914991222&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAiIBAUABSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZWIECgICAw&pscrd=CM734vW9jPGD2wEiEwiYjafzvtmFAxXI27gIHex4DsMyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzoYaHR0cHM6Ly93d3cudGVsZXJpay5jb20v&is_vtc=1&cid=CAQSKQB7FLtqTO4M5I36ifJXChJVuy-H36QKhxR0sa1VYuN8TZngHcOzzy-1&random=1494915262 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /s/0.7.31/clarity.js HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CLID=2a63f70e8ac245f79a80d75f53b3453d.20240423.20250423
                Source: global trafficHTTP traffic detected: GET /tr/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=&if=false&ts=1713914994454&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914993541&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=&if=false&ts=1713914994454&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914993541&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: event-source, trigger=navigation-sourceReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /download/fiddler/first-run HTTP/1.1Host: www.telerik.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.telerik.com/download/fiddler/first-runAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; sf-ins-pv-id=9e7d323c-2538-449c-935b-bc72383359ee; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _cq_pxg=3|594323327|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.0.1713914991.56.0.0; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A55+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; ki_t=1713914995146%3B1713914995146%3B1713914995146%3B1%3B1; ki_r=
                Source: global trafficHTTP traffic detected: GET /td/ga/rul?tid=G-9JSNBCSF54&gacid=925834404.1713914987&gtm=45je44m0v9167661709z8536291za200&dma=0&gcs=G111&gcd=13v3v3v3v5&npa=0&pscdl=noapi&aip=1&fledge=1&z=1283479480 HTTP/1.1Host: td.doubleclick.netConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://td.doubleclick.net/td/ga/rul?tid=G-9JSNBCSF54&gacid=925834404.1713914987&gtm=45je44m0v9167661709z8536291za200&dma=0&gcs=G111&gcd=13v3v3v3v5&npa=0&pscdl=noapi&aip=1&fledge=1&z=1283479480Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                Source: global trafficHTTP traffic detected: GET /frame.html HTTP/1.1Host: dntcl.qualaroo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /tag/uet/223000243 HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CLID=2a63f70e8ac245f79a80d75f53b3453d.20240423.20250423
                Source: global trafficHTTP traffic detected: GET /td/rul/975652292?random=1713914991222&cv=11&fst=1713914991222&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0 HTTP/1.1Host: td.doubleclick.netConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://td.doubleclick.net/td/rul/975652292?random=1713914991222&cv=11&fst=1713914991222&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                Source: global trafficHTTP traffic detected: GET /json/ HTTP/1.1Host: geo.qualaroo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/javascriptsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.telerik.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /tr/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=&if=false&ts=1713914994454&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914993541&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=&if=false&ts=1713914994454&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914993541&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /webapi/Announcements/GetPromo?url=https://www.telerik.com/download/fiddler/first-run HTTP/1.1Host: www.telerik.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/download/fiddler/first-runAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _cq_pxg=3|594323327|975652292|event=conversion; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A55+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; ki_t=1713914995146%3B1713914995146%3B1713914995146%3B1%3B1; ki_r=; _ga_9JSNBCSF54=GS1.1.1713914987.1.0.1713914996.51.0.0; sf-ins-pv-id=eef0eedd-b11e-465f-ae5a-179b4f5e0fb9
                Source: global trafficHTTP traffic detected: GET /mon HTTP/1.1Host: obseu.ytwohlcq.telerik.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _cq_pxg=3|594323327|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.0.1713914991.56.0.0; _fbp=fb.1.1713914994453.110516813; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A55+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1
                Source: global trafficHTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.telerik.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /RestApi/personalizations/render?pageNodeId=5ceb4be1-05bd-4c69-892a-2c2bbd37538b&pageDataId=1f960fad-aef2-4475-8978-52fb7a29dbc9&pageNodeKey=5CEB4BE1-05BD-4C69-892A-2C2BBD37538B/b31ca85c-a1c5-4a9d-8b5d-e7b0736a8b16/SitefinitySiteMap&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&controls=09f9bb4f-5990-40af-b361-7849c73c9604_1,0cd3f511-e7d9-4e23-8773-26005ae09893_1,25637a62-a321-49a0-8b7e-5962dc977e95_1,6b5ac4dc-8fd0-4043-bd0a-e9ffd31e3bc8_1&correlationId=lvd0qj2kn097okrw3nn HTTP/1.1Host: www.telerik.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-type: application/json; charset=utf-8Accept: application/jsonSF_URL_REFERER: https://www.telerik.com/download/fiddler/first-runX-Requested-With: XMLHttpRequestsec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/download/fiddler/first-runAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _cq_pxg=3|594323327|975652292|event=conversion; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A55+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; ki_t=1713914995146%3B1713914995146%3B1713914995146%3B1%3B1; ki_r=; _ga_9JSNBCSF54=GS1.1.1713914987.1.0.1713914996.51.0.0; sf-ins-pv-id=eef0eedd-b11e-465f-ae5a-179b4f5e0fb9
                Source: global trafficHTTP traffic detected: GET /web-vitals/dist/web-vitals.iife.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /ct?id=37678&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&sf=0&tpi=&ch=Telerik&uvid=&tsf=0&tsfmi=&tsfu=&cb=1713914997517&hl=1&op=0&ag=300509663&rand=039280971260119758819251020028629021601221976155020279621809222752118268259696351250&fs=1034x870&fst=1034x870&np=win32&nv=google%20inc.&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ss=1280x1024&nc=0&at=&di=W1siZWYiLDk1XSxbImJuY2giLDldLFsiYWJuY2giLDldLFstNTksImRlZmF1bHQiXSxbLTUsIi0iXSxbLTE5LCJbMTAsMTAsMTAsMTAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCw5ODQsMTI4MCwxMDI0LDEwNTAsOTY0LDEwMzQsODcwLDAsMCwwLDAsXCItXCIsXCItXCIsMTAxNyw4NzBdIl0sWy00NCwiMCwwLDAsNSJdLFstMjIsIltcInJcIixcInJcIl0iXSxbLTU3LCJXRTBaZUV0TFdFQVhUMXdaRVZGTlRVbEtBeFlXWEV4V1d4ZEFUVTVXVVZWYVNCZE5YRlZjUzFCU0YxcFdWQlpLUVVrV1VCWUFEUWtKRFE0QURRc0pEUTVmQUY4SkRRRmRDMW9JWEFoZkQxc09BUTBBQ3hkVFNnTUlBdzhPQ3dnSUVBPT0iXSxbLTY0LCJbMCxcIldpbmRvd3NcIixbe1wiYlwiOlwiR29vZ2xlIENocm9tZVwiLFwidlwiOlwiMTE3XCJ9LHtcImJcIjpcIk5vdDtBPUJyYW5kXCIsXCJ2XCI6XCI4XCJ9LHtcImJcIjpcIkNocm9taXVtXCIsXCJ2XCI6XCIxMTdcIn1dXSJdLFstNCwiLSJdLFstMTgsIlswLDAsMCwxXSJdLFstMzcsIi0xMDktNjYtNzAtIl0sWy0xMCwiLSJdLFstMjQsIltdIl0sWy01OCwiLSJdLFstMTUsIi0iXSxbLTUwLCItIl0sWy02NiwiZ2VvbG9jYXRpb24sc3RvcmFnZWFjY2VzcyxnYW1lcGFkLGNoZWN0LG1pZGksZGlzcGxheWNhcHR1cmUsdXNiLGJyb3dzaW5ndG9waWNzLGxvY2FsZm9udHMscGljdHVyZWlucGljdHVyZSxqb2luYWRpbnRlcmVzdGdyb3VwLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LG90cGNyZWRlbnRpYWxzLGNodWFmb3JtZmFjdG9yLGVuY3J5cHRlZG1lZGlhLGNoc2F2ZWRhdGEsY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjaHVhd293NjQsc2hhcmVkc3RvcmFnZSxjaGRvd25saW5rLGNocHJlZmVyc2NvbG9yc2NoZW1lLHN5bmN4aHIsY2h1YW1vZGVsLHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGJsdWV0b290aCxpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LGNodWFmdWxsdmVyc2lvbixmdWxsc2NyZWVuLGNoZHByLHVubG9hZCxrZXlib2FyZG1hcCxjaHVhcGxhdGZvcm0sc2hhcmVkc3RvcmFnZXNlbGVjdHVybCxneXJvc2NvcGUsaW50ZXJlc3Rjb2hvcnQsd2luZG93cGxhY2VtZW50LGNodWFtb2JpbGUsY2h1YSxydW5hZGF1Y3Rpb24sbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxwcml2YXRlYWdncmVnYXRpb24sY2xpcGJvYXJkd3JpdGUsYXR0cmlidXRpb25yZXBvcnRpbmcsY2hkZXZpY2VtZW1vcnksbWljcm9waG9uZSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcIm9nOnRpdGxlXCIsXCJ0d2l0dGVyOnRpdGxlXCJdfSJdLFstMjMsIisiXSxbLTcsIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsNSx0cnVlLHRydWUsbnVsbCwwLHRydWUsdHJ1ZV0iXSxbLTQ1LCItIl0sWy0zMywiLSJdLFstNDcsIkV1cm9wZS9adXJpY2gsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00MSwiLSJdLFstMjAsIjkyNTgzNDQwNC4xNzEzOTE0OTg3Il0sWy0zMiwiLSJdLFstNDksIi0iXSxbLTEzLCItIl0sWy0yNywiWzQwMCwxLjUsMCxcIjNnXCIsbnVsbF0iXSxbLTY4LCItIl0sWy0xNiwiMCJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0xNCwiLSJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiZ29vZ
                Source: global trafficHTTP traffic detected: GET /tag/uet/223000243 HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CLID=2a63f70e8ac245f79a80d75f53b3453d.20240423.20250423
                Source: global trafficHTTP traffic detected: GET /browser-perf.8417c6bba72228fa2e29.js HTTP/1.1Host: script.hotjar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1853818599.1713914998&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&dma=0&npa=0&gtm=45je44m0v9167661709z8536291za200&auid=571138784.1713914988 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                Source: global trafficHTTP traffic detected: GET /visitor/v200/svrGP?pps=3&siteid=1325&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref2=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tzo=-60&ms=36&optin=disabled HTTP/1.1Host: s1325.t.eloqua.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ELOQUA=GUID=A19FC9146C534783A26EBA38F50B2A88; ELQSTATUS=OK
                Source: global trafficHTTP traffic detected: GET /td/rul/975652292?random=1713914999207&cv=11&fst=1713914999207&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                Source: global trafficHTTP traffic detected: GET /s/0.7.31/clarity.js HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CLID=2a63f70e8ac245f79a80d75f53b3453d.20240423.20250423
                Source: global trafficHTTP traffic detected: GET /consent/3dfce4f2-dab6-4128-9f33-df7e0597da82/3dfce4f2-dab6-4128-9f33-df7e0597da82.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /consent/3dfce4f2-dab6-4128-9f33-df7e0597da82/8b69118b-3606-49f3-8c41-2718141b484d/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /scripttemplates/202401.2.0/assets/otFlat.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /scripttemplates/202401.2.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /json/ HTTP/1.1Host: geo.qualaroo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /webapi/Announcements/GetPromo?url=https://www.telerik.com/download/fiddler/first-run HTTP/1.1Host: www.telerik.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; ki_t=1713914995146%3B1713914995146%3B1713914995146%3B1%3B1; ki_r=; sf-ins-pv-id=eef0eedd-b11e-465f-ae5a-179b4f5e0fb9; sid=/pU34nM7xcF1a1i8u1OTxx/5J7bGqqAKXB2hXQOSALC5RJ2vae2gTRMWBg3kyy445Vdm0qRGnvVHMEEoR6SE1I1o0VOa/z9xqn/whm5Vqb40haS8tZDTwRx1NODFFQTPT3eFyQBOkyaTEQw3mN7RJIPVp00=; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0
                Source: global trafficHTTP traffic detected: GET /RestApi/personalizations/render?pageNodeId=5ceb4be1-05bd-4c69-892a-2c2bbd37538b&pageDataId=1f960fad-aef2-4475-8978-52fb7a29dbc9&pageNodeKey=5CEB4BE1-05BD-4C69-892A-2C2BBD37538B/b31ca85c-a1c5-4a9d-8b5d-e7b0736a8b16/SitefinitySiteMap&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&controls=09f9bb4f-5990-40af-b361-7849c73c9604_1,0cd3f511-e7d9-4e23-8773-26005ae09893_1,25637a62-a321-49a0-8b7e-5962dc977e95_1,6b5ac4dc-8fd0-4043-bd0a-e9ffd31e3bc8_1&correlationId=lvd0qj2kn097okrw3nn HTTP/1.1Host: www.telerik.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; ki_t=1713914995146%3B1713914995146%3B1713914995146%3B1%3B1; ki_r=; sf-ins-pv-id=eef0eedd-b11e-465f-ae5a-179b4f5e0fb9; sid=/pU34nM7xcF1a1i8u1OTxx/5J7bGqqAKXB2hXQOSALC5RJ2vae2gTRMWBg3kyy445Vdm0qRGnvVHMEEoR6SE1I1o0VOa/z9xqn/whm5Vqb40haS8tZDTwRx1NODFFQTPT3eFyQBOkyaTEQw3mN7RJIPVp00=; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0
                Source: global trafficHTTP traffic detected: GET /sfimages/default-source/productsimages/kendo-ui-complete/kendoka_icon.png?sfvrsn=922435fb_2 HTTP/1.1Host: www.telerik.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; ki_t=1713914995146%3B1713914995146%3B1713914995146%3B1%3B1; ki_r=; sf-ins-pv-id=eef0eedd-b11e-465f-ae5a-179b4f5e0fb9; sid=/pU34nM7xcF1a1i8u1OTxx/5J7bGqqAKXB2hXQOSALC5RJ2vae2gTRMWBg3kyy445Vdm0qRGnvVHMEEoR6SE1I1o0VOa/z9xqn/whm5Vqb40haS8tZDTwRx1NODFFQTPT3eFyQBOkyaTEQw3mN7RJIPVp00=; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0
                Source: global trafficHTTP traffic detected: GET /tr/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713914999876&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713914999876&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: trigger=navigation-source, event-sourceReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /visitor/v200/svrGP?pps=70&siteid=1325 HTTP/1.1Host: s1325.t.eloqua.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ELOQUA=GUID=A19FC9146C534783A26EBA38F50B2A88; ELQSTATUS=OK
                Source: global trafficHTTP traffic detected: GET /collect/v2/data-centers/76766c2b-82f4-2453-81e5-fd840f3b455b/datasources/TelerikCom/interactions HTTP/1.1Host: api.insight.sitefinity.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /visitor/v200/svrGP?pps=3&siteid=1325&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref2=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tzo=-60&ms=36&optin=disabled HTTP/1.1Host: s1325.t.eloqua.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ELOQUA=GUID=A19FC9146C534783A26EBA38F50B2A88; ELQSTATUS=OK
                Source: global trafficHTTP traffic detected: GET /pagead/viewthroughconversion/975652292/?label=p4zxCNq_8IkYEMSLndED&guid=ON&script=0&ct_cookie_present=false&random=1179055552&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQIiAQFAAQ&pscrd=CP3366-R-MPBRCITCMD-7va-2YUDFRPn_QUdzCoKzjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhhodHRwczovL3d3dy50ZWxlcmlrLmNvbS8 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                Source: global trafficHTTP traffic detected: GET /tracker/tc_imp.gif?e=37dfbd8ee84e00126bedce34ef478a9d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37950aa2084ba5f7ff35b7b1a2d18c8c9077af562b7818fbd1910fa0a9fc95df820da75c45b956279f02b01f2040e0228d2595fe69fe0a100ba2f965f980cf64d766dbad1276140023df819958d45a95f60e8e4e47116253bc6f57662d4dd09012b4576190bb98e32606d64f5ac183bd5b4f02d97fe58740f30b9e4f0d58a7dacd9db0ee35fc95f6f6bc9ecc8b6f03dc5d8e23d97320fd9ad9d784a40ff6939ac820876b08de97e8a03fa42ae965d8013d9c56d9c7c71d6da2dc77ad795afedcbbabf4c68af74a8e8a5744e60e3943dcceb13e75a1058830906d092cecccaec9426873ac792f5c638e87b3b6cd7366b8493925f2adca82bf853b5c11fd837ae3d1a0b63fd76f14ddc87f62cf6c72fc45cbfd9929b77895d437ded590413260974d1ba71a51d99819231b0d273fa9e2bca89e0b27c82bfaa596b6b84e75347ddfa0d5104f2e2e524bb6cc3a81fabfd6cf722b22d87008c06ddba58924672a6f7c974232d3e526c520b46eeb8d332c008a5075c5f3bafe53c83c14d52bac18ba8b67ecbefe1f485fcabf14f513dfc4685bf586a8a4b6209cb710b231faa22fa285dbbbfd3699861c9248caa2fc4b90990720b25250162129dc0e1da3a7354990a59879185a9baa152059eb0bd6197cf7379d0ce133c69fa91c55721b72483439c06fe3c9d16c7d515f8ba5ffe89dc97c11370e5f23a7d8371a78eb9aa129564330841d0151536f6fb3686b711cccdc2ae1edf9b95704b6e13ac37b904b454b5806a9f334728493d633f9633c7f56635c61dc7f3f569a8bb289e6861eb5425788de2c30b44ef76f48d19db0338084da25b57f3cbbf1ebd165ec7dd67a2d6dca8925ec81f157407f81c484e8ed24805a836e7e2d379de97bd72022ff32e79575aad4207bfc6b00a1b927e6387c2c553c3d5bacf5922a622fb5a3b44c64f3f6d958d510399dce0caf0f24ea328ac6ec9379ecc5195fff22a2bfdd90391cbfca0cef0cadf6b01dfa4375f9b23805bde4cebe52cacd3df8c32cbc6a7a4a41520cdbfb1ec499705d411432f&cri=JFpDhY30Gl&ts=1709&cb=1713914999226 HTTP/1.1Host: obseu.ytwohlcq.telerik.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3
                Source: global trafficHTTP traffic detected: GET /pagead/viewthroughconversion/975652292/?random=1606867032&cv=11&fst=1713914999207&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAiIBAUABSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZWIECgICAw&pscrd=CM2Ako6n_oyx2gEiEwjx09j2vtmFAxX04v0FHdn_BDEyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzoYaHR0cHM6Ly93d3cudGVsZXJpay5jb20v HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                Source: global trafficHTTP traffic detected: GET /pagead/1p-conversion/975652292/?label=p4zxCNq_8IkYEMSLndED&guid=ON&script=0&ct_cookie_present=false&random=1179055552&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQIiAQFAAQ&pscrd=CP3366-R-MPBRCITCMD-7va-2YUDFRPn_QUdzCoKzjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhhodHRwczovL3d3dy50ZWxlcmlrLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtq7vHysrjC5gqiPZ6KwQycqXLSQgcFG2luX6Zwzwi48rP2fAB9&random=4066413161 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /pagead/1p-conversion/975652292/?random=1606867032&cv=11&fst=1713914999207&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAiIBAUABSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZWIECgICAw&pscrd=CM2Ako6n_oyx2gEiEwjx09j2vtmFAxX04v0FHdn_BDEyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzoYaHR0cHM6Ly93d3cudGVsZXJpay5jb20v&is_vtc=1&cid=CAQSKQB7FLtqE4sJQ7vTC2SIeSxPSNMEYUhouSgDttPNJEA17X4d4m_wOclY&random=1703345189 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /tr/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713914999876&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713914999876&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /pagead/1p-conversion/975652292/?label=p4zxCNq_8IkYEMSLndED&guid=ON&script=0&ct_cookie_present=false&random=1179055552&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQIiAQFAAQ&pscrd=CP3366-R-MPBRCITCMD-7va-2YUDFRPn_QUdzCoKzjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhhodHRwczovL3d3dy50ZWxlcmlrLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtq7vHysrjC5gqiPZ6KwQycqXLSQgcFG2luX6Zwzwi48rP2fAB9&random=4066413161 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /mon HTTP/1.1Host: obseu.ytwohlcq.telerik.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D
                Source: global trafficHTTP traffic detected: GET /tracker/tc_imp.gif?e=37dfbd8ee84e00126bedce34ef478a9d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37950aa2084ba5f7ff35b7b1a2d18c8c9077af562b7818fbd1910fa0a9fc95df820da75c45b956279f02b01f2040e0228d2595fe69fe0a100ba2f965f980cf64d766dbad1276140023df819958d45a95f60e8e4e47116253bc6f57662d4dd09012b4576190bb98e32606d64f5ac183bd5b4f02d97fe58740f30b9e4f0d58a7dacd9db0ee35fc95f6f6bc9ecc8b6f03dc5d8e23d97320fd9ad9d784a40ff6939ac820876b08de97e8a03fa42ae965d8013d9c56d9c7c71d6da2dc77ad795afedcbbabf4c68af74a8e8a5744e60e3943dcceb13e75a1058830906d092cecccaec9426873ac792f5c638e87b3b6cd7366b8493925f2adca82bf853b5c11fd837ae3d1a0b63fd76f14ddc87f62cf6c72fc45cbfd9929b77895d437ded590413260974d1ba71a51d99819231b0d273fa9e2bca89e0b27c82bfaa596b6b84e75347ddfa0d5104f2e2e524bb6cc3a81fabfd6cf722b22d87008c06ddba58924672a6f7c974232d3e526c520b46eeb8d332c008a5075c5f3bafe53c83c14d52bac18ba8b67ecbefe1f485fcabf14f513dfc4685bf586a8a4b6209cb710b231faa22fa285dbbbfd3699861c9248caa2fc4b90990720b25250162129dc0e1da3a7354990a59879185a9baa152059eb0bd6197cf7379d0ce133c69fa91c55721b72483439c06fe3c9d16c7d515f8ba5ffe89dc97c11370e5f23a7d8371a78eb9aa129564330841d0151536f6fb3686b711cccdc2ae1edf9b95704b6e13ac37b904b454b5806a9f334728493d633f9633c7f56635c61dc7f3f569a8bb289e6861eb5425788de2c30b44ef76f48d19db0338084da25b57f3cbbf1ebd165ec7dd67a2d6dca8925ec81f157407f81c484e8ed24805a836e7e2d379de97bd72022ff32e79575aad4207bfc6b00a1b927e6387c2c553c3d5bacf5922a622fb5a3b44c64f3f6d958d510399dce0caf0f24ea328ac6ec9379ecc5195fff22a2bfdd90391cbfca0cef0cadf6b01dfa4375f9b23805bde4cebe52cacd3df8c32cbc6a7a4a41520cdbfb1ec499705d411432f&cri=JFpDhY30Gl&ts=1709&cb=1713914999226 HTTP/1.1Host: obseu.ytwohlcq.telerik.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isG
                Source: global trafficHTTP traffic detected: GET /json/ HTTP/1.1Host: geo.qualaroo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/javascriptsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.telerik.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /pagead/1p-conversion/975652292/?random=1606867032&cv=11&fst=1713914999207&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAiIBAUABSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZWIECgICAw&pscrd=CM2Ako6n_oyx2gEiEwjx09j2vtmFAxX04v0FHdn_BDEyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzoYaHR0cHM6Ly93d3cudGVsZXJpay5jb20v&is_vtc=1&cid=CAQSKQB7FLtqE4sJQ7vTC2SIeSxPSNMEYUhouSgDttPNJEA17X4d4m_wOclY&random=1703345189 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /uwt.js HTTP/1.1Host: static.ads-twitter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /json/ HTTP/1.1Host: geo.qualaroo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /mon HTTP/1.1Host: obseu.ytwohlcq.telerik.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D
                Source: global trafficHTTP traffic detected: GET /prum.min.js HTTP/1.1Host: rum-static.pingdom.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /tr/?id=1444093252502226&ev=PageView&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713915003482&sw=1280&sh=1024&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.1.1713914994453.110516813&cs_est=true&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /monitor/stat.js HTTP/1.1Host: www.clickcease.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /mon HTTP/1.1Host: obseu.ytwohlcq.telerik.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                Source: global trafficHTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=1444093252502226&ev=PageView&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713915003482&sw=1280&sh=1024&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.1.1713914994453.110516813&cs_est=true&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: trigger, event-source;navigation-sourceReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /_/ad/f3942e2f1f7d449b81784d171e274880/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run HTTP/1.1Host: q.quora.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /tr/?id=1444093252502226&ev=PageView&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713915003482&sw=1280&sh=1024&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.1.1713914994453.110516813&cs_est=true&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=1444093252502226&ev=PageView&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713915003482&sw=1280&sh=1024&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.1.1713914994453.110516813&cs_est=true&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /_/ad/f3942e2f1f7d449b81784d171e274880/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run HTTP/1.1Host: q.quora.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&eci=2&event_id=36b4f4d4-fcfc-4db7-bd89-13f79635ad81&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nurcc&type=javascript&version=2.3.30 HTTP/1.1Host: t.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&eci=2&event_id=5e062168-5662-416c-a314-a9a718dcb2e9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcii&type=javascript&version=2.3.30 HTTP/1.1Host: t.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&eci=2&event_id=36b4f4d4-fcfc-4db7-bd89-13f79635ad81&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nurcc&type=javascript&version=2.3.30 HTTP/1.1Host: analytics.twitter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /mon HTTP/1.1Host: obseu.ytwohlcq.telerik.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&eci=2&event_id=5e062168-5662-416c-a314-a9a718dcb2e9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcii&type=javascript&version=2.3.30 HTTP/1.1Host: analytics.twitter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /img/beacon.gif?id=54328dddabe53db9497b23c6&sAW=1280&sAH=984&bIW=1034&bIH=870&pD=24&dPR=1&or=landscape-primary&nT=1&rC=0&nS=0&cS=13&cE=434&dLE=13&dLS=13&fS=4&hS=14&rE=-1&rS=-1&reS=434&resS=1091&resE=1520&uEE=1137&uES=1137&dL=1156&dI=1751&dCLES=1751&dCLEE=1754&dC=8300&lES=8308&lEE=8310&s=nt&title=First%20run&path=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&sId=zaewourn&sST=1713915006&sIS=1&rV=0&v=1.4.1 HTTP/1.1Host: rum-collector-2.pingdom.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.telerik.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111455-1&cid=925834404.1713914987&jid=1790868512&_u=SDCACEABBAAAACAFKC~&z=1680824539 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111455-74&cid=925834404.1713914987&jid=2072956638&_u=SDCACEABBAAAACAFKCC~&z=1106341662 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&eci=2&event_id=36b4f4d4-fcfc-4db7-bd89-13f79635ad81&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nurcc&type=javascript&version=2.3.30 HTTP/1.1Host: t.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: muc_ads=3abd0117-8616-47bc-b0c5-4851d8992a3b
                Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&eci=2&event_id=5e062168-5662-416c-a314-a9a718dcb2e9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcii&type=javascript&version=2.3.30 HTTP/1.1Host: t.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: muc_ads=2564eebd-51b1-4e03-af7f-2c96a59d2ba3
                Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&eci=2&event_id=36b4f4d4-fcfc-4db7-bd89-13f79635ad81&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nurcc&type=javascript&version=2.3.30 HTTP/1.1Host: analytics.twitter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: personalization_id="v1_VKT6toCZV7gBM4gxlYfjrQ=="
                Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&eci=2&event_id=5e062168-5662-416c-a314-a9a718dcb2e9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcii&type=javascript&version=2.3.30 HTTP/1.1Host: analytics.twitter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: personalization_id="v1_cReNRV+lMPRPVyw8C6pyMA=="
                Source: global trafficHTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111455-1&cid=925834404.1713914987&jid=1790868512&_u=SDCACEABBAAAACAFKC~&z=1680824539 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111455-74&cid=925834404.1713914987&jid=2072956638&_u=SDCACEABBAAAACAFKCC~&z=1106341662 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /img/beacon.gif?id=54328dddabe53db9497b23c6&sAW=1280&sAH=984&bIW=1034&bIH=870&pD=24&dPR=1&or=landscape-primary&nT=1&rC=0&nS=0&cS=13&cE=434&dLE=13&dLS=13&fS=4&hS=14&rE=-1&rS=-1&reS=434&resS=1091&resE=1520&uEE=1137&uES=1137&dL=1156&dI=1751&dCLES=1751&dCLEE=1754&dC=8300&lES=8308&lEE=8310&s=nt&title=First%20run&path=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&sId=zaewourn&sST=1713915006&sIS=1&rV=0&v=1.4.1 HTTP/1.1Host: rum-collector-2.pingdom.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /favicon.ico?v=rebv1 HTTP/1.1Host: www.telerik.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.telerik.com/download/fiddler/first-runAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; ki_r=; sf-ins-pv-id=eef0eedd-b11e-465f-ae5a-179b4f5e0fb9; sid=/pU34nM7xcF1a1i8u1OTxx/5J7bGqqAKXB2hXQOSALC5RJ2vae2gTRMWBg3kyy445Vdm0qRGnvVHMEEoR6SE1I1o0VOa/z9xqn/whm5Vqb40haS8tZDTwRx1NODFFQTPT3eFyQBOkyaTEQw3mN7RJIPVp00=; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _clck=1wlli9p%7C2%7Cfl6%7C0%7C1574; _clsk=eu7kl0%7C1713915002285%7C1%7C1%7Cd.clarity.ms%2Fcollect; ki_t=1713914995146%3B1713914995146%3B1713915003452%3B1%3B2; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                Source: global trafficHTTP traffic detected: GET /favicon.ico?v=rebv1 HTTP/1.1Host: www.telerik.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; ki_r=; sf-ins-pv-id=eef0eedd-b11e-465f-ae5a-179b4f5e0fb9; sid=/pU34nM7xcF1a1i8u1OTxx/5J7bGqqAKXB2hXQOSALC5RJ2vae2gTRMWBg3kyy445Vdm0qRGnvVHMEEoR6SE1I1o0VOa/z9xqn/whm5Vqb40haS8tZDTwRx1NODFFQTPT3eFyQBOkyaTEQw3mN7RJIPVp00=; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _clck=1wlli9p%7C2%7Cfl6%7C0%7C1574; _clsk=eu7kl0%7C1713915002285%7C1%7C1%7Cd.clarity.ms%2Fcollect; ki_t=1713914995146%3B1713914995146%3B1713915003452%3B1%3B2; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                Source: global trafficHTTP traffic detected: GET /mon HTTP/1.1Host: obseu.ytwohlcq.telerik.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                Source: global trafficHTTP traffic detected: GET /mon HTTP/1.1Host: obseu.ytwohlcq.telerik.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                Source: global trafficHTTP traffic detected: GET /mon HTTP/1.1Host: obseu.ytwohlcq.telerik.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                Source: global trafficHTTP traffic detected: GET /mon HTTP/1.1Host: obseu.ytwohlcq.telerik.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                Source: global trafficHTTP traffic detected: GET /mon HTTP/1.1Host: obseu.ytwohlcq.telerik.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=dswWbrh3M+huW3O&MD=8amD1xGW HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
                Source: global trafficHTTP traffic detected: GET /r/?Fiddler2FirstRun HTTP/1.1Host: fiddler2.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /download/fiddler/first-run HTTP/1.1Host: www.telerik.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
                Source: chromecache_301.27.drString found in binary or memory: return b}yC.J="internal.enableAutoEventOnTimer";var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
                Source: unknownDNS traffic detected: queries for: fiddler2.com
                Source: unknownHTTP traffic detected: POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111455-74&cid=925834404.1713914987&jid=629508174&gjid=478797266&_gid=1225407003.1713914987&_u=aGDAiEABBAAAAGAFKC~&z=1747705249 HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/plainAccept: */*Origin: https://www.telerik.comX-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.telerik.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 23:30:01 GMTContent-Type: text/html; charset=utf-8Content-Length: 235Connection: closeAccess-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, Authorization, x-dataintelligence-accountkey, x-dataintelligence-datacenterkey, x-dataintelligence-datasource, x-dataintelligence-sort, x-dataintelligence-skip, x-dataintelligence-take, x-dataintelligence-fields, x-dataintelligence-count, x-dataintelligence-filterby, x-dataintelligence-filter, x-dataintelligence-contains, x-dataintelligence-nextrowkey, x-dataintelligence-flush, x-dataintelligence-fromdate, x-dataintelligence-todate, x-dataintelligence-period, x-dataintelligence-scale, x-dataintelligence-predicate, x-dataintelligence-subject, x-dataintelligence-ids, x-dataintelligence-datasources, x-dataintelligence-imagecrop, x-dataintelligence-contacts, x-forwarded-for, x-dataintelligence-sdk-version, Referer, Origin, x-dataintelligence-clientid, x-dataintelligence-campaignids, x-dataintelligence-userid, x-dataintelligence-errorid, x-dataintelligence-correlationid, cf-connecting-ip, x-forwarded-for, http_x_forwarded_for, x-forwarded, x-cluster-client-ip, forwarded-for, forwarded, remote_addr, client-ipAccess-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONSAccess-Control-Allow-Origin: *request-context: appId=cid-v1:a33f2e3a-ec15-4d53-8ac6-897af884626bContent-Security-Policy: default-src 'none'X-Content-Type-Options: nosniffStrict-Transport-Security: max-age=31536000
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://.css
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://.jpg
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://127.0.0.1:
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://aia.entrust.net/ts1-chain256.cer01
                Source: System.Web.dll.35.drString found in binary or memory: http://ajax.aspnetcdn.com/ajax/4.6/1/DetailsView.jsT
                Source: System.Web.dll.35.drString found in binary or memory: http://ajax.aspnetcdn.com/ajax/4.6/1/Focus.jsT
                Source: System.Web.dll.35.drString found in binary or memory: http://ajax.aspnetcdn.com/ajax/4.6/1/GridView.jsT
                Source: System.Web.dll.35.drString found in binary or memory: http://ajax.aspnetcdn.com/ajax/4.6/1/Menu.jsT
                Source: System.Web.dll.35.drString found in binary or memory: http://ajax.aspnetcdn.com/ajax/4.6/1/MenuStandards.jsT
                Source: System.Web.dll.35.drString found in binary or memory: http://ajax.aspnetcdn.com/ajax/4.6/1/TreeView.jsT
                Source: System.Web.dll.35.drString found in binary or memory: http://ajax.aspnetcdn.com/ajax/4.6/1/WebForms.js
                Source: System.Web.dll.35.drString found in binary or memory: http://ajax.aspnetcdn.com/ajax/4.6/1/WebParts.jsT
                Source: System.Web.dll.35.drString found in binary or memory: http://ajax.aspnetcdn.com/ajax/4.6/1/WebUIValidation.jsT
                Source: chromecache_292.27.drString found in binary or memory: http://ajax.cdnjs.com/ajax/libs/json2/20110223/json2.js
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://bayden.com/meddler/
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://bit.ly/29O65sI
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://bit.ly/29VDtCe
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, SampleRules.cs.3.drString found in binary or memory: http://blogs.msdn.com/b/fiddler/archive/2011/11/05/http-expect-continue-delays-transmitting-post-bod
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://blogs.msdn.com/ieinternals/archive/2009/07/20/Using-post_2D00_check-and-pre_2D00_check-cache-
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://browserscope2.org/browse?category=selectors&ua=Mobile%20Safari
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDCA-1.crt0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://commons.apache.org/proper/commons-compress/
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://crl.entrust.net/2048ca.crl0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://crl.entrust.net/ts1ca.crl0
                Source: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe, Fiddler.exe.3.dr, FiddlerOrchestra.Protocol.dll.3.dr, SetupHelper.3.dr, FiddlerOrchestra.Utilities.dll.3.dr, Timeline.dll.3.drString found in binary or memory: http://crl.globalsign.com/gsgccr45evcodesignca2020.crl0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDCA-1.crl08
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0:
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDCA-1.crl0w
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0B
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://curl.haxx.se/
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://curl.haxx.se/S
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://diveintohtml5.info/offline.html
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://diveintohtml5.info/offline.htmlO
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.telerik.com/fiddler/configure-fiddler/tasks/configurefiddlerURLUpdateInfohttp://www.tele
                Source: System.Data.SqlXml.dll.29.drString found in binary or memory: http://exslt.org/common
                Source: Fiddler.exe.3.drString found in binary or memory: http://fiddler.wikidot.com/prefs
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, SampleRules.cs.3.drString found in binary or memory: http://fiddler2.com/fiddlercore
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000064A000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?Fiddler2FirstRun
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000064A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?Fiddler2FirstRunP
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000064A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?Fiddler2FirstRunR
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000064A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?Fiddler2FirstRun_
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?Fiddler2FirstRunert
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000064A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?Fiddler2FirstRunfbw
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?Fiddler2FirstRunl
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000061A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?Fiddler2FirstRunlv
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?Fiddler2FirstRunopenDetectedBrowsererrorShellExecExhttp://fiddler2.com/r/?Fid
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005F8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?Fiddler2FirstRunz
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?FiddlerLog
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?FiddlerSandboxSOFTWARE
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?SYNTAXVIEWINSTALL
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, EnableLoopback.exe.72.drString found in binary or memory: http://fiddler2.com/r/?WIN8ELo
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, SampleRules.cs.3.drString found in binary or memory: http://fiddler2.com/r/?fiddlercolumns
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?fiddlerscriptcookbook
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?id=bitness
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?id=bitness)
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fiddler2.com/r/?msdnjsnet
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, SampleRules.cs.3.drString found in binary or memory: http://fiddler2.com/r/?quickexec
                Source: Fiddler.pdb.3.drString found in binary or memory: http://fiddler2.com/surveys/SurveysBaseUri
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://getfiddler.com/
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://groups.google.com/group/http-archive-specification
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://groups.google.com/group/http-archive-specification/
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://html4/loose.dtd
                Source: Newtonsoft.Json.dll.3.drString found in binary or memory: http://james.newtonking.com/projects/json
                Source: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeString found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://nsis.sourceforge.net/Main_Page
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: http://ocsp.digicert.com0A
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: http://ocsp.digicert.com0C
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: http://ocsp.digicert.com0N
                Source: GA.Analytics.Monitor.dll0.3.drString found in binary or memory: http://ocsp.entrust.net01
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://ocsp.entrust.net02
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://ocsp.entrust.net03
                Source: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe, Fiddler.exe.3.dr, FiddlerOrchestra.Protocol.dll.3.dr, SetupHelper.3.dr, FiddlerOrchestra.Utilities.dll.3.dr, Timeline.dll.3.drString found in binary or memory: http://ocsp.globalsign.com/gsgccr45evcodesignca20200U
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://ocsp.thawte.com0
                Source: GA.Analytics.Monitor.dll0.3.drString found in binary or memory: http://rb.symcb.com/rb.crl0a
                Source: GA.Analytics.Monitor.dll0.3.drString found in binary or memory: http://rb.symcb.com/rb.crt0
                Source: GA.Analytics.Monitor.dll0.3.drString found in binary or memory: http://rb.symcd.com0&
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.drString found in binary or memory: http://s.symcb.com/universal-root.crl0
                Source: GA.Analytics.Monitor.dll0.3.drString found in binary or memory: http://s.symcd.com0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://s.symcd.com06
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://s1.symcb.com/pca3-g5.crl0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://s2.symcb.com0
                Source: System.Runtime.Serialization.Formatters.Soap.dll.77.drString found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/
                Source: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe, Fiddler.exe.3.dr, FiddlerOrchestra.Protocol.dll.3.dr, SetupHelper.3.dr, FiddlerOrchestra.Utilities.dll.3.dr, Timeline.dll.3.drString found in binary or memory: http://secure.globalsign.com/cacert/gsgccr45evcodesignca2020.crt0?
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sourceforge.net/projects/hexbox/
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://sv.symcb.com/sv.crl0a
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://sv.symcb.com/sv.crt0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://sv.symcd.com0&
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ts-aia.ws.symantec.com/sha256-tss-ca.cer0(
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ts-crl.ws.symantec.com/sha256-tss-ca.crl0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://ts-ocsp.ws.symantec.com07
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ts-ocsp.ws.symantec.com0;
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000029A6000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.Parsers.dll0.3.drString found in binary or memory: http://www.URLtoDownloadFrom.net
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.bouncycastle.org)
                Source: QWhale.Syntax.Parsers.dll0.3.drString found in binary or memory: http://www.businessobjects.com/products/dev_zone/net/default.asp
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.bzip.org/
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.codeplex.com/DotNetZip
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000029A6000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.Parsers.dll0.3.drString found in binary or memory: http://www.contoso.com/
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000029A6000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.Parsers.dll0.3.drString found in binary or memory: http://www.contoso.com/books.xml
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://www.entrust.net/rpa0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://www.entrust.net/rpa03
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fatcow.com/free-icons
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fiddler2.com/sandbox/FormAndCookie.asp
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fiddlerbook.com/fiddler/help/http/headers.asp?query=
                Source: GA.Analytics.Monitor.dll0.3.drString found in binary or memory: http://www.google-analytics.com/collect
                Source: GA.Analytics.Monitor.dll0.3.drString found in binary or memory: http://www.google-analytics.com/debug/collect
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, SampleRules.cs.3.drString found in binary or memory: http://www.google.com/bot.html)
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, SampleRules.cs.3.drString found in binary or memory: http://www.google.com/search?hl=en&btnI=I%27m
                Source: Fiddler.exe.3.drString found in binary or memory: http://www.host.com/filepath?query.
                Source: Fiddler.exe.3.drString found in binary or memory: http://www.host.com/filepath?query.v
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.iis.net/community/Performance
                Source: Newtonsoft.Json.dll.3.drString found in binary or memory: http://www.newtonsoft.com/jsonschema
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.opensource.org/licenses/mit-license.php
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmp, QWhale.Common.dll.3.dr, QWhale.Common.dll0.3.drString found in binary or memory: http://www.qwhale.net
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.qwhale.net/products/editor.htm
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000029A6000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.Parsers.dll0.3.drString found in binary or memory: http://www.someserver.com/upload.aspx
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://www.symauth.com/cps0(
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://www.symauth.com/rpa00
                Source: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeString found in binary or memory: http://www.telerik.com/fiddler
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Telerik.NetworkConnections.dll.3.drString found in binary or memory: http://www.telerik.com/fiddler/fiddlercore0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.telerik.com/fiddler0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2523777255.000000000019A000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://www.telerik.com/purchase/fiddler
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2523777255.000000000019A000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://www.telerik.com/purchase/license-agreement/fiddler-enterprise-support
                Source: GA.Analytics.Monitor.dll0.3.drString found in binary or memory: http://www.telerik.com0
                Source: System.Deployment.dll.31.drString found in binary or memory: http://www.xrml.org/schema/2001/11/xrml2core
                Source: chromecache_301.27.drString found in binary or memory: https://adservice.google.com/pagead/regclk
                Source: chromecache_301.27.drString found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
                Source: chromecache_340.27.drString found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
                Source: chromecache_301.27.drString found in binary or memory: https://cct.google/taggy/agent.js
                Source: chromecache_274.27.drString found in binary or memory: https://cdn.cookielaw.org/vendorlist/googleData.json
                Source: chromecache_274.27.drString found in binary or memory: https://cdn.cookielaw.org/vendorlist/iab2Data.json
                Source: chromecache_274.27.drString found in binary or memory: https://cdn.cookielaw.org/vendorlist/iab2V2Data.json
                Source: chromecache_274.27.drString found in binary or memory: https://cdn.cookielaw.org/vendorlist/iabData.json
                Source: chromecache_274.27.drString found in binary or memory: https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drString found in binary or memory: https://d.symcb.com/cps0%
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drString found in binary or memory: https://d.symcb.com/rpa0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://d.symcb.com/rpa0.
                Source: GA.Analytics.Monitor.dll0.3.drString found in binary or memory: https://d.symcb.com/rpa06
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://fiddler2.com
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://fiddler2.com/FiddlerOrchestra/Clients/FiddlerOrchestra.Client.Android.apk
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://fiddler2.com/FiddlerOrchestra/Clients/FiddlerOrchestra.Client.Android.apk%BtnToogleListening
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://fiddler2.com/FiddlerOrchestra/Clients/FiddlerOrchestra.Client.NetCore.WindowsMacLinux.zip
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://fiddler2.com/r/?GetDotNet4Compatible
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://fiddler2.com/r/?GetDotNet4open
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://fiddler2.com/r/?credits
                Source: chromecache_274.27.drString found in binary or memory: https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/google/zopfli/commit/720b20e8db19ea90b38edce82aca52815edf8c1a
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/google/zopfli0
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/ymnk/jzlib
                Source: chromecache_301.27.drString found in binary or memory: https://google.com
                Source: chromecache_301.27.drString found in binary or memory: https://googleads.g.doubleclick.net
                Source: chromecache_301.27.drString found in binary or memory: https://pagead2.googlesyndication.com
                Source: chromecache_301.27.drString found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
                Source: chromecache_292.27.drString found in binary or memory: https://servicestack.net
                Source: GA.Analytics.Monitor.dll0.3.drString found in binary or memory: https://ssl.google-analytics.com/collect
                Source: GA.Analytics.Monitor.dll0.3.drString found in binary or memory: https://ssl.google-analytics.com/debug/collect
                Source: chromecache_340.27.drString found in binary or memory: https://stats.g.doubleclick.net/j/collect
                Source: chromecache_340.27.drString found in binary or memory: https://tagassistant.google.com/
                Source: chromecache_301.27.drString found in binary or memory: https://td.doubleclick.net
                Source: chromecache_302.27.drString found in binary or memory: https://www.clarity.ms/tag/uet/
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.drString found in binary or memory: https://www.digicert.com/CPS0
                Source: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe, Fiddler.exe.3.dr, FiddlerOrchestra.Protocol.dll.3.dr, SetupHelper.3.dr, FiddlerOrchestra.Utilities.dll.3.dr, Timeline.dll.3.drString found in binary or memory: https://www.globalsign.com/repository/0
                Source: chromecache_340.27.drString found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
                Source: chromecache_340.27.drString found in binary or memory: https://www.google-analytics.com/gtm/js?id=
                Source: chromecache_340.27.drString found in binary or memory: https://www.google.%/ads/ga-audiences
                Source: chromecache_301.27.drString found in binary or memory: https://www.google.com
                Source: chromecache_340.27.drString found in binary or memory: https://www.google.com/ads/ga-audiences
                Source: chromecache_301.27.drString found in binary or memory: https://www.googleadservices.com
                Source: chromecache_301.27.drString found in binary or memory: https://www.googletagmanager.com
                Source: chromecache_340.27.drString found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.nuget.org/packages/DotNetZip/
                Source: Newtonsoft.Json.dll.3.drString found in binary or memory: https://www.nuget.org/packages/Newtonsoft.Json.Bson
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.progress.com/legal/privacy-policy).
                Source: chromecache_292.27.drString found in binary or memory: https://www.telerik.com/RestApi/personalizations/render?pageNodeId=5ceb4be1-05bd-4c69-892a-2c2bbd375
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.telerik.com/blogs/a-brief-user-guide-on-fiddler-orchestra?utm_medium=product&utm_source=
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.telerik.com/blogs/fiddlercore-for-net-standard-and-fiddler-orchestra-the-future-of-fiddl
                Source: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe, Fiddler.exe.3.dr, FiddlerOrchestra.Protocol.dll.3.dr, SetupHelper.3.dr, FiddlerOrchestra.Utilities.dll.3.dr, Timeline.dll.3.drString found in binary or memory: https://www.telerik.com/fiddler0
                Source: chromecache_292.27.drString found in binary or memory: https://www.telerik.com/kendo-ui
                Source: chromecache_292.27.drString found in binary or memory: https://www.telerik.com/sfimages/default-source/productsimages/kendo-ui-complete/kendoka_icon.png?sf
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
                Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
                Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
                Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
                Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
                Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
                Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
                Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
                Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
                Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
                Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
                Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
                Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
                Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
                Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
                Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
                Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
                Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
                Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
                Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
                Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
                Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
                Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
                Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
                Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
                Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
                Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
                Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
                Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
                Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
                Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
                Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49935 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49958 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49947 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49918 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
                Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
                Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
                Source: unknownNetwork traffic detected: HTTP traffic on port 49677 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
                Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
                Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49941
                Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49939
                Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49938
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49937
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49935
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49934
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49933
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49932
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49930
                Source: unknownNetwork traffic detected: HTTP traffic on port 49925 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49929
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49928
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49927
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
                Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49925
                Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49924
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49923
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
                Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49920
                Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49919
                Source: unknownNetwork traffic detected: HTTP traffic on port 49937 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49918
                Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49915
                Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49910
                Source: unknownNetwork traffic detected: HTTP traffic on port 49948 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49909
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49908
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49907
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49906
                Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49903
                Source: unknownNetwork traffic detected: HTTP traffic on port 49903 -> 443
                Source: unknownHTTPS traffic detected: 23.1.102.27:443 -> 192.168.2.7:49757 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.7:49764 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 23.1.102.27:443 -> 192.168.2.7:49776 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.7:49958 version: TLS 1.2
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeCode function: 1_2_004056E5 GetDlgItem,GetDlgItem,GetDlgItem,GetDlgItem,GetClientRect,GetSystemMetrics,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,ShowWindow,ShowWindow,GetDlgItem,SendMessageW,SendMessageW,SendMessageW,GetDlgItem,CreateThread,CloseHandle,ShowWindow,ShowWindow,ShowWindow,ShowWindow,SendMessageW,CreatePopupMenu,AppendMenuW,GetWindowRect,TrackPopupMenu,SendMessageW,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,SendMessageW,GlobalUnlock,SetClipboardData,CloseClipboard,1_2_004056E5

                System Summary

                barindex
                Malicious sample detected (through community Yara rule)
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe, type: DROPPEDMatched rule: Detects zgRAT Author: ditekSHen
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeCode function: 1_2_004034FC EntryPoint,SetErrorMode,GetVersionExW,GetVersionExW,GetVersionExW,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,lstrlenW,wsprintfW,GetFileAttributesW,DeleteFileW,SetCurrentDirectoryW,CopyFileW,OleUninitialize,ExitProcess,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,1_2_004034FC
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeCode function: 3_2_00403645 EntryPoint,SetErrorMode,GetVersionExW,GetVersionExW,GetVersionExW,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,lstrlenW,wsprintfW,GetFileAttributesW,DeleteFileW,SetCurrentDirectoryW,CopyFileW,OleUninitialize,ExitProcess,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,3_2_00403645
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeFile created: C:\Windows\Microsoft.NET\ngenserviceclientlock.datJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeFile created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngenrootstorelock.datJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeFile created: C:\Windows\Microsoft.NET\ngennicupdatelock.datJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeFile created: C:\Windows\Microsoft.NET\ngenserviceclientlock.datJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeFile created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngenrootstorelock.datJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeFile created: C:\Windows\Microsoft.NET\ngennicupdatelock.datJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\78d6922d3a02a93359e189f060d76f47
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\78d6922d3a02a93359e189f060d76f47\System.Data.SqlXml.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security\bde2021ecdaa53585a395f095971633c
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security\bde2021ecdaa53585a395f095971633c\System.Security.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\4fa111e50d95d3e08c2d856a5394af3b
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\4fa111e50d95d3e08c2d856a5394af3b\System.Deployment.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\f975db3abcedde8df2408b15e2c6dd09
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\f975db3abcedde8df2408b15e2c6dd09\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\8e9f4b8ba90f0dd7ead0f6d3724d12f0
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\8e9f4b8ba90f0dd7ead0f6d3724d12f0\Microsoft.JScript.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web\0bc179a6f5376dabed45d64773e7a963
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web\0bc179a6f5376dabed45d64773e7a963\System.Web.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Ente96d83b35#
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Ente96d83b35#\cbb85b2c3ecfe129570a8c187041de31
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Ente96d83b35#\cbb85b2c3ecfe129570a8c187041de31\System.EnterpriseServices.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt19c51595#
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt19c51595#\b5d4608754b2d1d4f1d2d3c00cbcdfe0
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt19c51595#\b5d4608754b2d1d4f1d2d3c00cbcdfe0\System.Runtime.Caching.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.82d5542b#
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.82d5542b#\9c63130543c9d395491387159924bf83
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.82d5542b#\9c63130543c9d395491387159924bf83\System.Web.RegularExpressions.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Design
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Design\e6264fe3334740cf9e7da3afc7d524cc
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Design\e6264fe3334740cf9e7da3afc7d524cc\System.Design.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data86569bbf#
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data86569bbf#\058b5c6d514044e05b07d4b113045f72
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data86569bbf#\058b5c6d514044e05b07d4b113045f72\System.Data.OracleClient.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Draw0a54d252#
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Draw0a54d252#\1add9b3a6e41e9922f7c95ebd442ed4e
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Draw0a54d252#\1add9b3a6e41e9922f7c95ebd442ed4e\System.Drawing.Design.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.8dc504e4#
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.8dc504e4#\51cf3243e3f9124c32bc8614b4bcda4e
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.8dc504e4#\51cf3243e3f9124c32bc8614b4bcda4e\System.Web.ApplicationServices.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Comp46f2b404#
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Comp46f2b404#\70bed732cba41d298e54cc0a935a935b
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Comp46f2b404#\70bed732cba41d298e54cc0a935a935b\System.ComponentModel.DataAnnotations.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dire5d62f0a2#
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dire5d62f0a2#\a2886f8a05c8adae3050b95af3970e92
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dire5d62f0a2#\a2886f8a05c8adae3050b95af3970e92\System.DirectoryServices.Protocols.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\aa6a3ae1d00b1eb221bba5375e6387b1
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\aa6a3ae1d00b1eb221bba5375e6387b1\System.ServiceModel.Internals.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\1936f2ecbcf18cda53f04b49073cf801
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\1936f2ecbcf18cda53f04b49073cf801\SMDiagnostics.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B83e9cb53#
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B83e9cb53#\7192d8df2c3d8228b392f5912e16ebc2
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B83e9cb53#\7192d8df2c3d8228b392f5912e16ebc2\Microsoft.Build.Utilities.v4.0.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B3325a29b#
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B3325a29b#\3f8d7f63514ceeaa11244b3e16a3ea5c
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B3325a29b#\3f8d7f63514ceeaa11244b3e16a3ea5c\Microsoft.Build.Framework.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\EnableLoopback
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\EnableLoopback\59a1f5e7ac4b0e905803332438ede0a4
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\EnableLoopback\59a1f5e7ac4b0e905803332438ede0a4\EnableLoopback.ni.exe.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security\bde2021ecdaa53585a395f095971633c
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security\bde2021ecdaa53585a395f095971633c\System.Security.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\78d6922d3a02a93359e189f060d76f47
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\78d6922d3a02a93359e189f060d76f47\System.Data.SqlXml.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\ce1e4670373608336100bea63bbc8990
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\ce1e4670373608336100bea63bbc8990\System.Numerics.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\4fa111e50d95d3e08c2d856a5394af3b
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\4fa111e50d95d3e08c2d856a5394af3b\System.Deployment.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\ngenlock.dat
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\f975db3abcedde8df2408b15e2c6dd09
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\f975db3abcedde8df2408b15e2c6dd09\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux.tmp
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile deleted: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1c50-0
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeCode function: 1_2_00406C3F1_2_00406C3F
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeCode function: 3_2_00406DA03_2_00406DA0
                Source: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe, type: DROPPEDMatched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
                Source: DotNetZip.dll.3.dr, WinZipAesCipherStream.csCryptographic APIs: 'TransformBlock'
                Source: DotNetZip.dll.3.dr, WinZipAesCipherStream.csCryptographic APIs: 'TransformFinalBlock'
                Source: DotNetZip.dll.3.dr, WinZipAesCipherStream.csCryptographic APIs: 'TransformFinalBlock', 'TransformBlock'
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000029A6000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.Parsers.dll0.3.drBinary or memory string: QWhale.Syntax.Parsers.VbParser.resources
                Source: System.Web.dll.35.drBinary or memory string: *.sln
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000029A6000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.Parsers.dll0.3.drBinary or memory string: Images.VbParser.bmp
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000029A6000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.Parsers.dll0.3.drBinary or memory string: QWhale.Syntax.Parsers.VbParser
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000029A6000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.Parsers.dll0.3.drBinary or memory string: QWhale.Syntax.Parsers.Images.VbParser.bmp
                Source: classification engineClassification label: mal40.troj.evad.winEXE@137/328@120/40
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeCode function: 1_2_004034FC EntryPoint,SetErrorMode,GetVersionExW,GetVersionExW,GetVersionExW,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,lstrlenW,wsprintfW,GetFileAttributesW,DeleteFileW,SetCurrentDirectoryW,CopyFileW,OleUninitialize,ExitProcess,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,1_2_004034FC
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeCode function: 3_2_00403645 EntryPoint,SetErrorMode,GetVersionExW,GetVersionExW,GetVersionExW,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,lstrlenW,wsprintfW,GetFileAttributesW,DeleteFileW,SetCurrentDirectoryW,CopyFileW,OleUninitialize,ExitProcess,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,3_2_00403645
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeCode function: 1_2_00404991 GetDlgItem,SetWindowTextW,SHBrowseForFolderW,CoTaskMemFree,lstrcmpiW,lstrcatW,SetDlgItemTextW,GetDiskFreeSpaceW,MulDiv,SetDlgItemTextW,1_2_00404991
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeCode function: 1_2_004021AF CoCreateInstance,1_2_004021AF
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\ProgramsJump to behavior
                Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7328:120:WilError_03
                Source: C:\Windows\System32\conhost.exeMutant created: \BaseNamedObjects\Local\SM0:7508:120:WilError_03
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeMutant created: NULL
                Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7276:120:WilError_03
                Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7252:120:WilError_03
                Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7224:120:WilError_03
                Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7312:120:WilError_03
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeFile created: C:\Users\user~1\AppData\Local\Temp\nsoE408.tmpJump to behavior
                Source: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Family,VirtualizationFirmwareEnabled FROM Win32_Processor
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeFile read: C:\Users\desktop.iniJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeFile read: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeJump to behavior
                Source: unknownProcess created: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe"
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeProcess created: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\SysWOW64\netsh.exe "C:\Windows\system32\netsh.exe" advfirewall firewall delete rule name="FiddlerProxy"
                Source: C:\Windows\SysWOW64\netsh.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\SysWOW64\netsh.exe "C:\Windows\system32\netsh.exe" advfirewall firewall add rule name="FiddlerProxy" program="C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe" action=allow profile=any dir=in edge=deferuser protocol=tcp description="Permit inbound connections to Fiddler"
                Source: C:\Windows\SysWOW64\netsh.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" install "C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" install "C:\Users\user\AppData\Local\Programs\Fiddler\EnableLoopback.exe"
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper "C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper" /a "C:\Users\user\AppData\Local\Programs\Fiddler"
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 1cc -InterruptEvent 0 -NGENProcess 1bc -Pipe 1c8 -Comment "NGen Worker Process"
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://fiddler2.com/r/?Fiddler2FirstRun
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2660 --field-trial-handle=2244,i,18061082204408847072,8654867018620333004,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 26c -InterruptEvent 0 -NGENProcess 260 -Pipe 268 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 27c -InterruptEvent 0 -NGENProcess 270 -Pipe 278 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 28c -InterruptEvent 0 -NGENProcess 280 -Pipe 288 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 29c -InterruptEvent 0 -NGENProcess 290 -Pipe 298 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2ec -InterruptEvent 0 -NGENProcess 2dc -Pipe 264 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2c8 -InterruptEvent 0 -NGENProcess 2fc -Pipe 290 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2fc -InterruptEvent 0 -NGENProcess 26c -Pipe 2c8 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2f4 -InterruptEvent 0 -NGENProcess 294 -Pipe 304 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 314 -InterruptEvent 0 -NGENProcess 2f0 -Pipe 2ec -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 314 -InterruptEvent 0 -NGENProcess 2f0 -Pipe 2f4 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 308 -InterruptEvent 0 -NGENProcess 2f4 -Pipe 264 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 270 -InterruptEvent 0 -NGENProcess 2dc -Pipe 304 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 270 -InterruptEvent 0 -NGENProcess 330 -Pipe 328 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 320 -Pipe 30c -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 324 -InterruptEvent 0 -NGENProcess 18c -Pipe 330 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2f4 -InterruptEvent 0 -NGENProcess 280 -Pipe 270 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2dc -InterruptEvent 0 -NGENProcess 324 -Pipe 2f4 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 260 -InterruptEvent 0 -NGENProcess 2a4 -Pipe 328 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 328 -InterruptEvent 0 -NGENProcess 338 -Pipe 18c -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2dc -InterruptEvent 0 -NGENProcess 320 -Pipe 334 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 34c -Pipe 31c -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 324 -InterruptEvent 0 -NGENProcess 354 -Pipe 328 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 364 -InterruptEvent 0 -NGENProcess 340 -Pipe 360 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 388 -InterruptEvent 0 -NGENProcess 38c -Pipe 398 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 388 -InterruptEvent 0 -NGENProcess 370 -Pipe 36c -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b4 -InterruptEvent 0 -NGENProcess 3a8 -Pipe 3b0 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3ac -InterruptEvent 0 -NGENProcess 3cc -Pipe 394 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3a8 -InterruptEvent 0 -NGENProcess 3ac -Pipe 384 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 3dc -Pipe 3e8 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3a8 -InterruptEvent 0 -NGENProcess 3b4 -Pipe 280 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 38c -InterruptEvent 0 -NGENProcess 3a4 -Pipe 370 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b8 -InterruptEvent 0 -NGENProcess 3d0 -Pipe 3c4 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b8 -InterruptEvent 0 -NGENProcess 3e4 -Pipe 3e0 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3ac -InterruptEvent 0 -NGENProcess 3ec -Pipe 3c0 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d0 -InterruptEvent 0 -NGENProcess 3e4 -Pipe 3ec -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 3bc -Pipe 3b8 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 390 -InterruptEvent 0 -NGENProcess 3d8 -Pipe 3a0 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 3ac -Pipe 3d4 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 390 -InterruptEvent 0 -NGENProcess 3d8 -Pipe 3b8 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3e4 -InterruptEvent 0 -NGENProcess 3d0 -Pipe 388 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 38c -InterruptEvent 0 -NGENProcess 3d8 -Pipe 3e4 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 1d4 -InterruptEvent 0 -NGENProcess 1c4 -Pipe 1d0 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2a4 -InterruptEvent 0 -NGENProcess 298 -Pipe 2a0 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2c0 -InterruptEvent 0 -NGENProcess 268 -Pipe 2bc -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2b4 -InterruptEvent 0 -NGENProcess 2a8 -Pipe 2b0 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 260 -InterruptEvent 0 -NGENProcess 264 -Pipe 26c -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2c8 -InterruptEvent 0 -NGENProcess 300 -Pipe 334 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 270 -InterruptEvent 0 -NGENProcess 2b8 -Pipe 2c0 -Comment "NGen Worker Process"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeProcess created: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=Jump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\SysWOW64\netsh.exe "C:\Windows\system32\netsh.exe" advfirewall firewall delete rule name="FiddlerProxy"Jump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\SysWOW64\netsh.exe "C:\Windows\system32\netsh.exe" advfirewall firewall add rule name="FiddlerProxy" program="C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe" action=allow profile=any dir=in edge=deferuser protocol=tcp description="Permit inbound connections to Fiddler"Jump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" install "C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe"Jump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" install "C:\Users\user\AppData\Local\Programs\Fiddler\EnableLoopback.exe"Jump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper "C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper" /a "C:\Users\user\AppData\Local\Programs\Fiddler"Jump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://fiddler2.com/r/?Fiddler2FirstRunJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 1cc -InterruptEvent 0 -NGENProcess 1bc -Pipe 1c8 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 26c -InterruptEvent 0 -NGENProcess 260 -Pipe 268 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 27c -InterruptEvent 0 -NGENProcess 270 -Pipe 278 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 28c -InterruptEvent 0 -NGENProcess 280 -Pipe 288 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 29c -InterruptEvent 0 -NGENProcess 290 -Pipe 298 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2ec -InterruptEvent 0 -NGENProcess 2dc -Pipe 264 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2c8 -InterruptEvent 0 -NGENProcess 2fc -Pipe 290 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2fc -InterruptEvent 0 -NGENProcess 26c -Pipe 2c8 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2f4 -InterruptEvent 0 -NGENProcess 294 -Pipe 304 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 314 -InterruptEvent 0 -NGENProcess 2f0 -Pipe 2ec -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 314 -InterruptEvent 0 -NGENProcess 2f0 -Pipe 2f4 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 308 -InterruptEvent 0 -NGENProcess 2f4 -Pipe 264 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 270 -InterruptEvent 0 -NGENProcess 2dc -Pipe 304 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 270 -InterruptEvent 0 -NGENProcess 330 -Pipe 328 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 320 -Pipe 30c -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 324 -InterruptEvent 0 -NGENProcess 18c -Pipe 330 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2f4 -InterruptEvent 0 -NGENProcess 280 -Pipe 270 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2dc -InterruptEvent 0 -NGENProcess 324 -Pipe 2f4 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 260 -InterruptEvent 0 -NGENProcess 2a4 -Pipe 328 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 328 -InterruptEvent 0 -NGENProcess 338 -Pipe 18c -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2dc -InterruptEvent 0 -NGENProcess 320 -Pipe 334 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 34c -Pipe 31c -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 324 -InterruptEvent 0 -NGENProcess 354 -Pipe 328 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 364 -InterruptEvent 0 -NGENProcess 340 -Pipe 360 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 388 -InterruptEvent 0 -NGENProcess 38c -Pipe 398 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 388 -InterruptEvent 0 -NGENProcess 370 -Pipe 36c -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b4 -InterruptEvent 0 -NGENProcess 3a8 -Pipe 3b0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3ac -InterruptEvent 0 -NGENProcess 3cc -Pipe 394 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3a8 -InterruptEvent 0 -NGENProcess 3ac -Pipe 384 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 3dc -Pipe 3e8 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3a8 -InterruptEvent 0 -NGENProcess 3b4 -Pipe 280 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 38c -InterruptEvent 0 -NGENProcess 3a4 -Pipe 370 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b8 -InterruptEvent 0 -NGENProcess 3d0 -Pipe 3c4 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b8 -InterruptEvent 0 -NGENProcess 3e4 -Pipe 3e0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3ac -InterruptEvent 0 -NGENProcess 3ec -Pipe 3c0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 260 -InterruptEvent 0 -NGENProcess 2a4 -Pipe 328 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d0 -InterruptEvent 0 -NGENProcess 3e4 -Pipe 3ec -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 3bc -Pipe 3b8 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 390 -InterruptEvent 0 -NGENProcess 3d8 -Pipe 3a0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 3ac -Pipe 3d4 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 390 -InterruptEvent 0 -NGENProcess 3d8 -Pipe 3b8 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3e4 -InterruptEvent 0 -NGENProcess 3d0 -Pipe 388 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 38c -InterruptEvent 0 -NGENProcess 3d8 -Pipe 3e4 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 1d4 -InterruptEvent 0 -NGENProcess 1c4 -Pipe 1d0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2a4 -InterruptEvent 0 -NGENProcess 298 -Pipe 2a0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2b4 -InterruptEvent 0 -NGENProcess 2a8 -Pipe 2b0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2c0 -InterruptEvent 0 -NGENProcess 268 -Pipe 2bc -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 260 -InterruptEvent 0 -NGENProcess 264 -Pipe 26c -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2c8 -InterruptEvent 0 -NGENProcess 300 -Pipe 334 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 270 -InterruptEvent 0 -NGENProcess 2b8 -Pipe 2c0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2660 --field-trial-handle=2244,i,18061082204408847072,8654867018620333004,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 260 -InterruptEvent 0 -NGENProcess 264 -Pipe 26c -Comment "NGen Worker Process"
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 308 -InterruptEvent 0 -NGENProcess 2f4 -Pipe 264 -Comment "NGen Worker Process"
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeSection loaded: uxtheme.dllJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeSection loaded: userenv.dllJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeSection loaded: apphelp.dllJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeSection loaded: propsys.dllJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeSection loaded: dwmapi.dllJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeSection loaded: cryptbase.dllJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeSection loaded: oleacc.dllJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeSection loaded: ntmarta.dllJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeSection loaded: version.dllJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeSection loaded: shfolder.dllJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeSection loaded: kernel.appcore.dllJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeSection loaded: windows.storage.dllJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeSection loaded: wldp.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: uxtheme.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: userenv.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: apphelp.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: propsys.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: dwmapi.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: cryptbase.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: oleacc.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: ntmarta.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: version.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: shfolder.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: kernel.appcore.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: windows.storage.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: wldp.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: profapi.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: riched20.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: usp10.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: msls31.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: textinputframework.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: coreuicomponents.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: coremessaging.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: coremessaging.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: wintypes.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: wintypes.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: wintypes.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: textshaping.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: linkinfo.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: ntshrui.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: sspicli.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: srvcli.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: cscapi.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: edputil.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: urlmon.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: iertutil.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: netutils.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: appresolver.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: bcp47langs.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: slc.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: sppc.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: windows.shell.servicehostbuilder.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: ieframe.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: netapi32.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: winhttp.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: wkscli.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: secur32.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: mlang.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: wininet.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: policymanager.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: msvcp110_win.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: pcacli.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: mpr.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeSection loaded: sfc_os.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: kernel.appcore.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: ifmon.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: iphlpapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: mprapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rasmontr.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rasapi32.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: fwpuclnt.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rasman.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: mfc42u.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rasman.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: authfwcfg.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: fwpolicyiomgr.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: firewallapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: dnsapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: fwbase.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: dhcpcmonitor.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: dot3cfg.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: dot3api.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: onex.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: eappcfg.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: ncrypt.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: eappprxy.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: ntasn1.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: fwcfg.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: hnetmon.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: netshell.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: nlaapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: netsetupapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: netiohlp.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: dhcpcsvc.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: winnsi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: nshhttp.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: httpapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: nshipsec.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: userenv.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: activeds.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: polstore.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: winipsec.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: adsldpc.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: nshwfp.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: cabinet.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: p2pnetsh.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: p2p.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: profapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: cryptbase.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rpcnsh.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: whhelper.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: winhttp.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wlancfg.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: cryptsp.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wlanapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wshelper.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wevtapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: mswsock.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: peerdistsh.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: uxtheme.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wcmapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rmclient.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: mobilenetworking.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: slc.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: sppc.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: gpapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: ktmw32.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: mprmsg.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: windows.storage.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wldp.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: msasn1.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: kernel.appcore.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: ifmon.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: iphlpapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: mprapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rasmontr.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rasapi32.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: fwpuclnt.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rasman.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: mfc42u.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rasman.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: authfwcfg.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: fwpolicyiomgr.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: firewallapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: dnsapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: fwbase.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: dhcpcmonitor.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: dot3cfg.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: dot3api.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: onex.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: eappcfg.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: ncrypt.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: eappprxy.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: ntasn1.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: fwcfg.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: hnetmon.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: netshell.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: nlaapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: netsetupapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: netiohlp.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: dhcpcsvc.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: winnsi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: nshhttp.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: httpapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: nshipsec.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: userenv.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: activeds.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: polstore.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: winipsec.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: adsldpc.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: nshwfp.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: cabinet.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: p2pnetsh.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: p2p.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: profapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: cryptbase.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rpcnsh.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: whhelper.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: winhttp.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wlancfg.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: cryptsp.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wlanapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wshelper.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wevtapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: mswsock.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: peerdistsh.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: uxtheme.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wcmapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rmclient.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: mobilenetworking.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: slc.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: sppc.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: gpapi.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: ktmw32.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: mprmsg.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: windows.storage.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wldp.dllJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeSection loaded: msasn1.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: mscoree.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: kernel.appcore.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: version.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: fusion.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: wldp.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: sxs.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: mscoree.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: kernel.appcore.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: version.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: fusion.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: wldp.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeSection loaded: sxs.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperSection loaded: mscoree.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperSection loaded: apphelp.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperSection loaded: kernel.appcore.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperSection loaded: version.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperSection loaded: vcruntime140_clr0400.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperSection loaded: ucrtbase_clr0400.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperSection loaded: ucrtbase_clr0400.dllJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: version.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: cryptsp.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: rsaenh.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: cryptbase.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: version.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: cryptsp.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: rsaenh.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: cryptbase.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: version.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: cryptsp.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: rsaenh.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: cryptbase.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: version.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: vcruntime140_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: mscoree.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: ucrtbase_clr0400.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: kernel.appcore.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: uxtheme.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: sxs.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: version.dll
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSection loaded: wofutil.dll
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32Jump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeAutomated click: I Agree
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeAutomated click: Install
                Source: Window RecorderWindow detected: More than 3 window changes detected
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeRegistry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fiddler2Jump to behavior
                Source: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeStatic PE information: certificate valid
                Source: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeStatic file information: File size 4632256 > 1048576
                Source: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                Source: Binary string: Extract: Fiddler.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: C:\src\GitHub\fiddler\Fiddler2\Common\ExecAction\v4\obj\x86\Release\ExecAction.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\RulesTab2\obj\Release Signed\RulesTab2.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000029A6000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: Extract: SimpleFilter.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005F8000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\SimpleFilter\obj\Release Signed\SimpleFilter.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Data.SqlXml.ni.pdb source: System.Data.SqlXml.dll.29.dr
                Source: Binary string: C:\Jenkins\NetworkConnections_Release\workspace\src\Telerik.NetworkConnections\Telerik.NetworkConnections.Windows\obj\Release\net40\Telerik.NetworkConnections.Windows.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: C:\Jenkins\NetworkConnections_Release\workspace\src\Telerik.NetworkConnections\Telerik.NetworkConnections\obj\Release\net40\Telerik.NetworkConnections.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Telerik.NetworkConnections.dll.3.dr
                Source: Binary string: \ScriptEditorFSE2.exe.configBasicFormats.dllBasicFormats.pdbVSWebTestExport.dllVSWebTestExport.pdbWarning: Failed to write one or more files. source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: Extract: BasicFormats.pdbu source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005F8000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Drawing.Design.ni.pdb source: System.Drawing.Design.dll.42.dr
                Source: Binary string: Extract: EnableLoopback.pdb2A source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: F:\Projects\Dot.NET\SVN\Editor.NET\source\obj\Release\QWhale.Syntax.Schemes.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.Schemes.dll.3.dr
                Source: Binary string: ler\Analytics.pdb\*.* source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: D:\telerik\fiddler\ThirdParty\zopfli\Release\Zopfli.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: F:\Projects\Dot.NET\SVN\Editor.NET\source\obj\Release\QWhale.Syntax.Parsers.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000029A6000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.Parsers.dll0.3.dr
                Source: Binary string: \??\C:\Users\user\AppData\Local\Programs\Fiddler\ImportExport\VSWebTestExport.pdb\*.* source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000061A000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Numerics.ni.pdb source: System.Numerics.dll.75.dr
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\PngDistill\obj\Release Signed\PngDistill.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\EnableLoopback\obj\Release Signed\EnableLoopback.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, EnableLoopback.exe.72.dr
                Source: Binary string: System.Deployment.ni.pdb source: System.Deployment.dll.31.dr
                Source: Binary string: \Tools\PngDistill.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: System.Runtime.Serialization.Formatters.Soap.ni.pdbRSDS source: System.Runtime.Serialization.Formatters.Soap.dll.77.dr
                Source: Binary string: Extract: FiddlerOrchestra.Addon.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: \ScriptEditor\Analytics.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: System.Runtime.Caching.ni.pdbRSDS source: System.Runtime.Caching.dll.37.dr
                Source: Binary string: \ImportExport\VSWebTestExport.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: \UpdateFiddler.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: \ImportExport\BasicFormats.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: \Scripts\FiddlerOrchestra.Addon.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: -: Completederik Fiddler Classicemp\nsx8D7.tmp\System.dll, 0) .r9lerxport.pdb\*.**.*kConnections.Windows.dll\*.*" action=allow profile=any dir=in edge=deferuser protocol=tcp description="Permit inbound connections to Fiddler" source: FiddlerSetup.exe, 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: Extract: TrustCert.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: Extract: Timeline.pdbI source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005F8000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: Local\.dll.pdb source: System.Web.dll.35.dr
                Source: Binary string: C:\projects\dotnetzip-semverd\src\Zip\obj\Release\DotNetZip.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: Extract: PngDistill.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005F8000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: C:\JenkinsHome\jobs\AnalyticsReleaseBuild\workspace\Telerik.FJ.Analytics\GA.Analytics.Monitor\obj\Release\GA.Analytics.Monitor.pdbg source: GA.Analytics.Monitor.dll0.3.dr
                Source: Binary string: System.ServiceModel.Internals.ni.pdbRSDS source: System.ServiceModel.Internals.dll.46.dr
                Source: Binary string: System.Numerics.ni.pdbRSDSautg source: System.Numerics.dll.75.dr
                Source: Binary string: *?|<>/":%s%S.dllCallers\user~1\AppData\Local\Temp\nsx8D7.tmp\System.dllort\VSWebTestExport.pdb\*.**.*kConnections.Windows.dll\*.*C:\Users\user~1\AppData\Local\Temp\nsx8D7.tmp\System.dll2t\VSWebTestExport.pdbdlltworkConnections.Windows.dllFalsers\user~1\AppData\Local\Temp\nsx8D7.tmpr/tasks/configurefiddler.exe"ppData\Local\Programs\Fiddler\Fiddler.exe" action=allow profile=any dir=in edge=deferuser protocol=tcp description="Permit inbound connections to Fiddler"Trueers\user~1\AppData\Local\Temp\nsx8D7.tmp\System.dlltor\FSE2.exe source: FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: Qcddler.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000061A000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Drawing.Design.pdb source: System.Drawing.Design.dll.42.dr
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\Timeline\obj\Release Signed\Timeline.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmp, Timeline.dll.3.dr
                Source: Binary string: FiddlerOrchestra.Protocol.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp, FiddlerOrchestra.Protocol.dll.3.dr
                Source: Binary string: System.Numerics.pdb source: System.Numerics.dll.75.dr
                Source: Binary string: SWebTestExport.pdbllx source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000064A000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\BasicFormats\obj\Release Signed\BasicFormats.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: FiddlerOrchestra.Protocol.pdbSHA256q source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp, FiddlerOrchestra.Protocol.dll.3.dr
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler\FiddlerOrchestra\FiddlerOrchestra.Addon\obj\Release\FiddlerOrchestra.Addon.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: EnableLoopback.ni.pdbRSDS source: EnableLoopback.exe.72.dr
                Source: Binary string: System.ServiceModel.Internals.pdb source: System.ServiceModel.Internals.dll.46.dr
                Source: Binary string: \Analytics.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: System.Data.SqlXml.ni.pdbRSDS2 source: System.Data.SqlXml.dll.29.dr
                Source: Binary string: C:\Development\Releases\Json\Working\Newtonsoft.Json\Working-Signed\Src\Newtonsoft.Json\obj\Release\net45\Newtonsoft.Json.pdb source: Newtonsoft.Json.dll.3.dr
                Source: Binary string: System.EnterpriseServices.Wrapper.ni.pdb source: System.EnterpriseServices.Wrapper.dll.36.dr
                Source: Binary string: Extract: Analytics.pdbb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005F8000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Runtime.Caching.pdb source: System.Runtime.Caching.dll.37.dr
                Source: Binary string: \Scripts\Timeline.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: System.ServiceModel.Internals.ni.pdb source: System.ServiceModel.Internals.dll.46.dr
                Source: Binary string: \ScriptEditor\GA.Analytics.Monitor.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: F:\Projects\Dot.NET\SVN\Editor.NET\source\obj\Release\QWhale.Syntax.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.dll.3.dr
                Source: Binary string: Extract: Analytics.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: Fiddler.pdb source: Fiddler.exe.3.dr
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\VSWebTestExport\obj\Release Signed\VSWebTestExport.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.EnterpriseServices.Wrapper.ni.pdbRSDS source: System.EnterpriseServices.Wrapper.dll.36.dr
                Source: Binary string: \GA.Analytics.Monitor.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: F:\Projects\Dot.NET\SVN\Editor.NET\source\obj\Release\QWhale.Editor.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmp, QWhale.Editor.dll1.3.dr
                Source: Binary string: \REGISTRY\USER\S-1-5-21-2246122658-3693405117-2476756634-1003port\VSWebTestExport.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: \??\C:\Users\user\AppData\Local\Programs\Fiddler\ImportExport\VSWebTestExport.pdb\*.*Ii source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000061A000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.EnterpriseServices.Wrapper.pdb source: System.EnterpriseServices.Wrapper.dll.36.dr
                Source: Binary string: \Fiddler.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: Would you like to go download manually now?https://fiddler2.com/r/?GetDotNet4open https://fiddler2.com/r/?GetDotNet4Compatible .NET Framework/Service Pack found.Installing Progress Telerik Fiddler Classic2500Fiddler.exe.configFiddler.pdbSetupHelperTrustCert.exeTrustCert.pdbInstalling Dependencies... source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: \EnableLoopback.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: FiddlerOrchestra.Connection.pdbSHA256' source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: \TrustCert.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: C:\JenkinsHome\jobs\AnalyticsReleaseBuild\workspace\Telerik.FJ.Analytics\GA.Analytics.Monitor\obj\Release\GA.Analytics.Monitor.pdb source: GA.Analytics.Monitor.dll0.3.dr
                Source: Binary string: \Inspectors\Be.Windows.Forms.HexBox.dllAnalytics.dllAnalytics.pdbGA.Analytics.Monitor.dllGA.Analytics.Monitor.pdbNewtonsoft.Json.dllDotNetZip.dll source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Deployment.ni.pdbRSDS source: System.Deployment.dll.31.dr
                Source: Binary string: F:\Projects\Dot.NET\SVN\Editor.NET\source\obj\Release\QWhale.Common.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmp, QWhale.Common.dll.3.dr, QWhale.Common.dll0.3.dr
                Source: Binary string: EnableLoopback.ni.pdb source: EnableLoopback.exe.72.dr
                Source: Binary string: FiddlerOrchestra.Utilities.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp, FiddlerOrchestra.Utilities.dll.3.dr
                Source: Binary string: System.Deployment.pdb source: System.Deployment.dll.31.dr
                Source: Binary string: EnableLoopback.exeEnableLoopback.pdbApp.icoCountdown.wavLoadScript.wavLoadScriptError.wavNOTICES.txtScreenshot.wavcredits.txtsaz.ico source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: Extract: GA.Analytics.Monitor.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Runtime.Serialization.Formatters.Soap.pdb source: System.Runtime.Serialization.Formatters.Soap.dll.77.dr
                Source: Binary string: System.Drawing.Design.ni.pdbRSDS source: System.Drawing.Design.dll.42.dr
                Source: Binary string: MakeCert.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: c:\src\JPEGXR2PNG\JPEGXR2PNG\obj\Release\JXR2PNG.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, JXR2PNG.exe.3.dr
                Source: Binary string: FiddlerOrchestra.Connection.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Data.SqlXml.pdb source: System.Data.SqlXml.dll.29.dr
                Source: Binary string: \ToolsPngDistill.exePngDistill.pdbInstalling FiddlerExtensions...SimpleFilter.dllSimpleFilter.pdbTimeline.dllTimeline.pdbRulesTab2.dllQWhale.Syntax.Parsers.dllInstalling Fiddler Orchestra addon...FiddlerOrchestra.Addon.dllFiddlerOrchestra.Addon.pdbFiddlerOrchestra.Connection.dllFiddlerOrchestra.Protocol.dllFiddlerOrchestra.Utilities.dllnetstandard.dll source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: System.Runtime.Caching.ni.pdb source: System.Runtime.Caching.dll.37.dr
                Source: Binary string: Extract: VSWebTestExport.pdb1 source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005F8000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: \Scripts\SimpleFilter.pdb source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmp
                Source: Binary string: FiddlerOrchestra.Utilities.pdbSHA256 source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp, FiddlerOrchestra.Utilities.dll.3.dr
                Source: Binary string: System.Runtime.Serialization.Formatters.Soap.ni.pdb source: System.Runtime.Serialization.Formatters.Soap.dll.77.dr
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\BundledExtensions\BasicFormats\obj\Release Signed\BasicFormats.pdbl source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: \??\C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\GA.Analytics.Monitor.pdb source: FiddlerSetup.exe, 00000003.00000002.2525824876.000000000061A000.00000004.00000020.00020000.00000000.sdmp
                Source: Binary string: D:\a\fiddler-classic\fiddler-classic\Fiddler2\Fiddler.SetupHelper\obj\Release Signed\Fiddler.SetupHelper.pdb source: SetupHelper, 00000013.00000000.1360771425.0000000000772000.00000002.00000001.01000000.0000000A.sdmp, SetupHelper.3.dr
                Source: Newtonsoft.Json.dll.3.drStatic PE information: 0xAB33B375 [Fri Jan 7 02:56:53 2061 UTC]
                Source: Brotli.exe.3.drStatic PE information: section name: .eh_fram
                Source: DotNetZip.dll.3.drStatic PE information: section name: .text entropy: 6.825415353860575
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\c0c-0\Microsoft.Build.Utilities.v4.0.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1cd8-0\System.Data.SqlXml.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1280-0\System.Web.RegularExpressions.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\bb0-0\System.EnterpriseServices.Wrapper.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\Brotli.exeJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Connection.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Syntax.Schemes.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Comp46f2b404#\70bed732cba41d298e54cc0a935a935b\System.ComponentModel.DataAnnotations.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\GA.Analytics.Monitor.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1c68-0\System.Deployment.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\Standard.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Syntax.Parsers.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\RulesTab2.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\EnableLoopback\59a1f5e7ac4b0e905803332438ede0a4\EnableLoopback.ni.exe (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\netstandard.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\GA.Analytics.Monitor.dllJump to dropped file
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeFile created: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Addon.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1edc-0\Microsoft.Build.Framework.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\Analytics.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\8e9f4b8ba90f0dd7ead0f6d3724d12f0\Microsoft.JScript.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data86569bbf#\058b5c6d514044e05b07d4b113045f72\System.Data.OracleClient.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\dwebp.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\11ac-0\EnableLoopback.exeJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Utilities.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1c44-0\System.Deployment.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Plugins\NetworkConnections\Telerik.NetworkConnections.Windows.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\FSE2.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\bb0-0\System.EnterpriseServices.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web\0bc179a6f5376dabed45d64773e7a963\System.Web.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Editor.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Ente96d83b35#\cbb85b2c3ecfe129570a8c187041de31\System.EnterpriseServices.Wrapper.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\ce1e4670373608336100bea63bbc8990\System.Numerics.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\ForceCPU.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dire5d62f0a2#\a2886f8a05c8adae3050b95af3970e92\System.DirectoryServices.Protocols.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\EnableLoopback.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1958-0\System.ComponentModel.DataAnnotations.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Syntax.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt19c51595#\b5d4608754b2d1d4f1d2d3c00cbcdfe0\System.Runtime.Caching.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Ente96d83b35#\cbb85b2c3ecfe129570a8c187041de31\System.EnterpriseServices.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1c30-0\System.Data.SqlXml.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\SimpleFilter.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\78d6922d3a02a93359e189f060d76f47\System.Data.SqlXml.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Design\e6264fe3334740cf9e7da3afc7d524cc\System.Design.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1e44-0\System.Security.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Common.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Telerik.NetworkConnections.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\SyntaxView.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\TrustCert.exeJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\PngDistill.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\780-0\System.Runtime.Caching.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\ImportExport\BasicFormats.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\240-0\SMDiagnostics.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Syntax.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\ExecAction.exeJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Editor.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Analytics.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\a58-0\System.DirectoryServices.Protocols.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\1936f2ecbcf18cda53f04b49073cf801\SMDiagnostics.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1454-0\System.Numerics.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1408-0\System.Drawing.Design.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\b64-0\System.ServiceModel.Internals.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\4fa111e50d95d3e08c2d856a5394af3b\System.Deployment.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exeJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Editor.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security\bde2021ecdaa53585a395f095971633c\System.Security.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1cec-0\System.Security.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\b18-0\System.Web.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\Timeline.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Draw0a54d252#\1add9b3a6e41e9922f7c95ebd442ed4e\System.Drawing.Design.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.8dc504e4#\51cf3243e3f9124c32bc8614b4bcda4e\System.Web.ApplicationServices.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Be.Windows.Forms.HexBox.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\JXR2PNG.exeJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Newtonsoft.Json.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\ImportExport\VSWebTestExport.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Common.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Protocol.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Common.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1260-0\System.Design.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Syntax.Parsers.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B3325a29b#\3f8d7f63514ceeaa11244b3e16a3ea5c\Microsoft.Build.Framework.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1f24-0\System.Runtime.Serialization.Formatters.Soap.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1090-0\System.Data.OracleClient.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\604-0\System.Web.ApplicationServices.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\f975db3abcedde8df2408b15e2c6dd09\System.Runtime.Serialization.Formatters.Soap.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Syntax.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Temp\nsx8D7.tmp\System.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B83e9cb53#\7192d8df2c3d8228b392f5912e16ebc2\Microsoft.Build.Utilities.v4.0.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\DotNetZip.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\aa6a3ae1d00b1eb221bba5375e6387b1\System.ServiceModel.Internals.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\172c-0\System.Runtime.Serialization.Formatters.Soap.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\uninst.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\744-0\Microsoft.JScript.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\Zopfli.exeJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\makecert.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.82d5542b#\9c63130543c9d395491387159924bf83\System.Web.RegularExpressions.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\c0c-0\Microsoft.Build.Utilities.v4.0.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1cd8-0\System.Data.SqlXml.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\a58-0\System.DirectoryServices.Protocols.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1280-0\System.Web.RegularExpressions.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\bb0-0\System.EnterpriseServices.Wrapper.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\1936f2ecbcf18cda53f04b49073cf801\SMDiagnostics.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Comp46f2b404#\70bed732cba41d298e54cc0a935a935b\System.ComponentModel.DataAnnotations.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1454-0\System.Numerics.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1c68-0\System.Deployment.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1408-0\System.Drawing.Design.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\b64-0\System.ServiceModel.Internals.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\4fa111e50d95d3e08c2d856a5394af3b\System.Deployment.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\EnableLoopback\59a1f5e7ac4b0e905803332438ede0a4\EnableLoopback.ni.exe (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security\bde2021ecdaa53585a395f095971633c\System.Security.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1cec-0\System.Security.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1edc-0\Microsoft.Build.Framework.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\b18-0\System.Web.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\8e9f4b8ba90f0dd7ead0f6d3724d12f0\Microsoft.JScript.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data86569bbf#\058b5c6d514044e05b07d4b113045f72\System.Data.OracleClient.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Draw0a54d252#\1add9b3a6e41e9922f7c95ebd442ed4e\System.Drawing.Design.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.8dc504e4#\51cf3243e3f9124c32bc8614b4bcda4e\System.Web.ApplicationServices.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\11ac-0\EnableLoopback.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1c44-0\System.Deployment.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\bb0-0\System.EnterpriseServices.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web\0bc179a6f5376dabed45d64773e7a963\System.Web.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1260-0\System.Design.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Ente96d83b35#\cbb85b2c3ecfe129570a8c187041de31\System.EnterpriseServices.Wrapper.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\ce1e4670373608336100bea63bbc8990\System.Numerics.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B3325a29b#\3f8d7f63514ceeaa11244b3e16a3ea5c\Microsoft.Build.Framework.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1f24-0\System.Runtime.Serialization.Formatters.Soap.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dire5d62f0a2#\a2886f8a05c8adae3050b95af3970e92\System.DirectoryServices.Protocols.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1958-0\System.ComponentModel.DataAnnotations.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1090-0\System.Data.OracleClient.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\604-0\System.Web.ApplicationServices.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\f975db3abcedde8df2408b15e2c6dd09\System.Runtime.Serialization.Formatters.Soap.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt19c51595#\b5d4608754b2d1d4f1d2d3c00cbcdfe0\System.Runtime.Caching.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Ente96d83b35#\cbb85b2c3ecfe129570a8c187041de31\System.EnterpriseServices.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1c30-0\System.Data.SqlXml.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\78d6922d3a02a93359e189f060d76f47\System.Data.SqlXml.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B83e9cb53#\7192d8df2c3d8228b392f5912e16ebc2\Microsoft.Build.Utilities.v4.0.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\aa6a3ae1d00b1eb221bba5375e6387b1\System.ServiceModel.Internals.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\172c-0\System.Runtime.Serialization.Formatters.Soap.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Design\e6264fe3334740cf9e7da3afc7d524cc\System.Design.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1e44-0\System.Security.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\744-0\Microsoft.JScript.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\780-0\System.Runtime.Caching.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.82d5542b#\9c63130543c9d395491387159924bf83\System.Web.RegularExpressions.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeFile created: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\240-0\SMDiagnostics.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperJump to dropped file
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperFile created: C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SetupHelper.logJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Local\Programs\Fiddler\license.txtJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler Classic.lnkJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler ScriptEditor.lnkJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\C:/Users/user/AppData/Local/Programs/Fiddler/Fiddler.exe\0 ImageListJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperProcess information set: NOOPENFILEERRORBOXJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeProcess information set: NOOPENFILEERRORBOX

                Malware Analysis System Evasion

                barindex
                Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
                Source: ngen.exe, 00000010.00000002.1781061494.000000B8E30FC000.00000004.00000010.00020000.00000000.sdmp, ngen.log.18.drBinary or memory string: 04/24/2024 01:29:53.967 [7260]: 1>ERROR COMPILING C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE: AN ATTEMPT WAS MADE TO LOAD A PROGRAM WITH AN INCORRECT FORMAT. (EXCEPTION FROM HRESULT: 0X8007000B)
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpBinary or memory string: \FIDDLER.EXE.CONFIG
                Source: ngen.exe, 00000010.00000002.1781773161.000002808A9A0000.00000004.00000020.00020000.00000000.sdmp, ngen.exe, 00000010.00000002.1781651881.000002808A8F0000.00000004.00000020.00020000.00000000.sdmp, ngen.exe, 00000010.00000002.1781773161.000002808A9A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V4.0.30319\NGEN.EXEINSTALLC:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE
                Source: ngen.log.18.drBinary or memory string: 04/24/2024 01:29:47.754 [7260]: 1>WARNING: SYSTEM.BADIMAGEFORMATEXCEPTION: [C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE] INVALID TYPEREF TOKEN. WHILE RESOLVING 0X1000304 - .
                Source: ngen.exe, 00000010.00000002.1781969633.000002808AA0E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SYSTEM.CORE, VERSION=4.0.0.0, CULTURE=NEUTRAL, PUBLICKEYTOKEN=B77A5C561934E089S\FIDDLER\FIDDLER.EXE
                Source: Fiddler.exe.3.drBinary or memory string: INTERNALNAMEFIDDLER.EXE
                Source: ngen.exe, 00000010.00000002.1781773161.000002808A9B5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V4.0.30319\NGEN.EXEINSTALLC:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXEUU
                Source: ngen.log.18.drBinary or memory string: 04/24/2024 01:29:26.385 [7260]: 1>WARNING: SYSTEM.BADIMAGEFORMATEXCEPTION: [C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE] INVALID TYPEREF TOKEN. WHILE RESOLVING 0X10002FA - .
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \FIDDLER.EXE"INSTALL "
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: EXTRACT: FIDDLER.EXES
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \FIDDLER.EXE" -VIEWER "%1"KERNEL32::GETCURRENTPROCESS()P.SKERNEL32::ISWOW64PROCESS2(PS,*I0S,*I)|KERNEL32::ISWOW64PROCESS(P-1,*I0S)INT64OPWRITE X64 HKLM KEYS9999UPDATEPENDINGSOFTWARE\MICROSOFT\FIDDLER2\PREFS\.DEFAULTFIDDLER.UI.LASTVIEWSOFTWARE\MICROSOFT\FIDDLER2\UIFRMVIEWER_WSTATEJSEDITORNOTEPAD.EXE
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \FIDDLER.EXE -STARTEDBYUPDATE3000
                Source: ngen.log.18.drBinary or memory string: 04/24/2024 01:29:38.603 [7260]: 1> COMPILING ASSEMBLY C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE (CLR V4.0.30319) ...
                Source: ngen.log.18.drBinary or memory string: 04/24/2024 01:29:21.848 [7260]: 1> COMPILING ASSEMBLY C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE (CLR V4.0.30319) ...
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Fiddler.exe.3.drBinary or memory string: FIDDLER.EXE
                Source: ngen.exe, 00000010.00000002.1782052183.000002808AA21000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: INSTALLING ASSEMBLY C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE BECAUSE OF AN ERROR DURING COMPILATION: AN ATTEMPT WAS MADE TO LOAD A PROGRAM WITH AN INCORRECT FORMAT. (EXCEPTION FROM HRESULT: 0X8007000B)
                Source: ngen.exe, 00000010.00000002.1782052183.000002808AA21000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ERROR COMPILING C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE: AN ATTEMPT WAS MADE TO LOAD A PROGRAM WITH AN INCORRECT FORMAT. (EXCEPTION FROM HRESULT: 0X8007000B)
                Source: ngen.exe, 00000010.00000002.1781773161.000002808A9B5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXEFIDDLER\FIDDLER.EXE
                Source: ngen.exe, 00000010.00000002.1781773161.000002808A9A0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: "C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V4.0.30319\NGEN.EXE" INSTALL "C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE"Q
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \FIDDLER.EXE
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \FIDDLER.EXE" -NOATTACH "%1"SOFTWARE\CLASSES\FIDDLER.ARCHIVEZIP\SHELL\OPEN &IN VIEWER\COMMAND"
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: EXTRACT: FIDDLER.EXE.CONFIG
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpBinary or memory string: \FIDDLER.EXEWAITING FOR PROGRESS TELERIK FIDDLER CLASSIC COMPONENT TO CLOSE ITSELF AUTOMATICALLY...500A PROGRESS TELERIK FIDDLER CLASSIC COMPONENT APPEARS TO BE RUNNING.
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpBinary or memory string: \FIDDLER.EXE" ACTION=ALLOW PROFILE=ANY DIR=IN EDGE=DEFERUSER PROTOCOL=TCP DESCRIPTION="PERMIT INBOUND CONNECTIONS TO FIDDLER"UNINSTALLSOFTWARE\MICROSOFT\FIDDLER2\INSTALLERSETTINGSKERNEL32::GETCURRENTPROCESS()P.SKERNEL32::ISWOW64PROCESS2(PS,*I0S,*I)|KERNEL32::ISWOW64PROCESS(P-1,*I0S)INT64OPSHOULD I DELETE ALL PROGRESS TELERIK FIDDLER CLASSIC-RELATED SETTINGS?
                Source: ngen.exe, 00000010.00000002.1781773161.000002808A9A0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V4.0.30319\NGEN.EXE"C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V4.0.30319\NGEN.EXE" INSTALL "C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE"C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V4.0.30319\NGEN.EXEWINSTA0\DEFAULT
                Source: ngen.exe, 00000010.00000002.1781773161.000002808A9A0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: "C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V4.0.30319\NGEN.EXE" INSTALL "C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE"
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: NOTE: THIS TOOL WILL INVALIDATE THE AUTHENTICODE DIGITAL SIGNATUREUON FIDDLER.EXE, WHICH IS GENERALLY HARMLESS, BUT MAY CAUSE;FIREWALL OR ANTIVIRUS ALERTS.Q
                Source: ngen.exe, 00000010.00000002.1781061494.000000B8E30FC000.00000004.00000010.00020000.00000000.sdmpBinary or memory string: \LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE:
                Source: ngen.exe, 00000010.00000002.1781773161.000002808A9A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE
                Source: ngen.log.18.drBinary or memory string: 04/24/2024 01:29:36.785 [7260]: 1>NGEN FAILED TO GENERATE NATIVE CODE FOR IMAGE C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE BECAUSE OF THE FOLLOWING ERROR: AN ATTEMPT WAS MADE TO LOAD A PROGRAM WITH AN INCORRECT FORMAT. (EXCEPTION FROM HRESULT: 0X8007000B)
                Source: ngen.exe, 00000010.00000002.1781969633.000002808AA0E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE (CLR V4.0.30319)C951077A5C561934E089
                Source: ngen.log.18.drBinary or memory string: 04/24/2024 01:29:47.520 [7260]: 1>WARNING: SYSTEM.BADIMAGEFORMATEXCEPTION: [C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE] INVALID TYPEREF TOKEN. WHILE RESOLVING 0X10002FA - .
                Source: ngen.log.18.drBinary or memory string: 04/24/2024 01:29:18.050 [7260]: COMMAND LINE: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V4.0.30319\NGEN.EXE INSTALL C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE
                Source: ngen.exe, 00000010.00000002.1782052183.000002808AA21000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ZC:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXEEUTRAL, PUBLICKEYTOKEN=B03F5F7F11D50A3A (CLR V4.0.30319)
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpBinary or memory string: \UPDATEFIDDLER.EXE
                Source: ngen.log.18.drBinary or memory string: 04/24/2024 01:29:26.629 [7260]: 1>WARNING: SYSTEM.BADIMAGEFORMATEXCEPTION: [C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE] INVALID TYPEREF TOKEN. WHILE RESOLVING 0X1000304 - .
                Source: ngen.log.18.drBinary or memory string: 04/24/2024 01:29:53.998 [7260]: 1>UNINSTALLING ASSEMBLY C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE BECAUSE OF AN ERROR DURING COMPILATION: AN ATTEMPT WAS MADE TO LOAD A PROGRAM WITH AN INCORRECT FORMAT. (EXCEPTION FROM HRESULT: 0X8007000B)
                Source: ngen.exe, 00000010.00000002.1782052183.000002808AA21000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: 1>ERROR COMPILING C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE: AN ATTEMPT WAS MADE TO LOAD A PROGRAM WITH AN INCORRECT FORMAT. (EXCEPTION FROM HRESULT: 0X8007000B)
                Source: ngen.exe, 00000010.00000002.1781773161.000002808A9D1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: EN-GBENEN-USSK/APPDATA/LOCAL/PROGRAMS/FIDDLER/FIDDLER.EXE
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: WOULD YOU LIKE TO GO DOWNLOAD MANUALLY NOW?HTTPS://FIDDLER2.COM/R/?GETDOTNET4OPEN HTTPS://FIDDLER2.COM/R/?GETDOTNET4COMPATIBLE .NET FRAMEWORK/SERVICE PACK FOUND.INSTALLING PROGRESS TELERIK FIDDLER CLASSIC2500FIDDLER.EXE.CONFIGFIDDLER.PDBSETUPHELPERTRUSTCERT.EXETRUSTCERT.PDBINSTALLING DEPENDENCIES...
                Source: ngen.log.18.drBinary or memory string: 04/24/2024 01:29:36.832 [7260]: 1>NGEN WILL RETRY COMPILATION OF IMAGE C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmp, ngen.exe, 00000010.00000002.1781773161.000002808A9D1000.00000004.00000020.00020000.00000000.sdmp, ngen.exe, 00000010.00000002.1781773161.000002808A9A0000.00000004.00000020.00020000.00000000.sdmp, ngen.exe, 00000010.00000002.1781773161.000002808A9B5000.00000004.00000020.00020000.00000000.sdmp, ngen.exe, 00000010.00000002.1781651881.000002808A8F0000.00000004.00000020.00020000.00000000.sdmp, ngen.exe, 00000010.00000002.1781773161.000002808A9A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE
                Source: FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpBinary or memory string: \FIDDLER.EXE"UNINSTALL "
                Source: FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \FIDDLER.EXE" ACTION=ALLOW PROFILE=ANY DIR=IN EDGE=DEFERUSER PROTOCOL=TCP DESCRIPTION="PERMIT INBOUND CONNECTIONS TO FIDDLER"FIDDLER.EXEWAITING FOR PROGRESS TELERIK FIDDLER CLASSIC COMPONENT TO CLOSE ITSELF AUTOMATICALLY...500A PROGRESS TELERIK FIDDLER CLASSIC COMPONENT APPEARS TO BE RUNNING.
                Source: ngen.exe, 00000010.00000002.1781773161.000002808A9A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V4.0.30319\NGEN.EXEINSTALLC:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE""
                Source: FiddlerSetup.exe, 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpBinary or memory string: *?|<>/":%S%S.DLLCALLERS\user~1\APPDATA\LOCAL\TEMP\NSX8D7.TMP\SYSTEM.DLLORT\VSWEBTESTEXPORT.PDB\*.**.*KCONNECTIONS.WINDOWS.DLL\*.*C:\USERS\user~1\APPDATA\LOCAL\TEMP\NSX8D7.TMP\SYSTEM.DLL2T\VSWEBTESTEXPORT.PDBDLLTWORKCONNECTIONS.WINDOWS.DLLFALSERS\user~1\APPDATA\LOCAL\TEMP\NSX8D7.TMPR/TASKS/CONFIGUREFIDDLER.EXE"PPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE" ACTION=ALLOW PROFILE=ANY DIR=IN EDGE=DEFERUSER PROTOCOL=TCP DESCRIPTION="PERMIT INBOUND CONNECTIONS TO FIDDLER"TRUEERS\user~1\APPDATA\LOCAL\TEMP\NSX8D7.TMP\SYSTEM.DLLTOR\FSE2.EXE
                Source: ngen.exe, 00000010.00000002.1781969633.000002808AA0E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: UNINSTALLING ASSEMBLY C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE BECAUSE OF AN ERROR DURING COMPILATION: AN ATTEMPT WAS MADE TO LOAD A PROGRAM WITH AN INCORRECT FORMAT. (EXCEPTION FROM HRESULT: 0X8007000B)
                Source: Fiddler.exe.3.drBinary or memory string: ORIGINALFILENAMEFIDDLER.EXE0
                Source: ngen.log.18.drBinary or memory string: 04/24/2024 01:29:36.724 [7260]: 1>ERROR COMPILING C:\USERS\user\APPDATA\LOCAL\PROGRAMS\FIDDLER\FIDDLER.EXE: AN ATTEMPT WAS MADE TO LOAD A PROGRAM WITH AN INCORRECT FORMAT. (EXCEPTION FROM HRESULT: 0X8007000B)
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperMemory allocated: 2850000 memory reserve | memory write watchJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperMemory allocated: 2A60000 memory reserve | memory write watchJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperMemory allocated: 28B0000 memory reserve | memory write watchJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperThread delayed: delay time: 922337203685477Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\c0c-0\Microsoft.Build.Utilities.v4.0.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1cd8-0\System.Data.SqlXml.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Syntax.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\ExecAction.exeJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Editor.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\a58-0\System.DirectoryServices.Protocols.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Analytics.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1280-0\System.Web.RegularExpressions.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\1936f2ecbcf18cda53f04b49073cf801\SMDiagnostics.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\bb0-0\System.EnterpriseServices.Wrapper.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\Brotli.exeJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Connection.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Syntax.Schemes.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Comp46f2b404#\70bed732cba41d298e54cc0a935a935b\System.ComponentModel.DataAnnotations.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1454-0\System.Numerics.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1c68-0\System.Deployment.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\GA.Analytics.Monitor.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\Standard.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Syntax.Parsers.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\b64-0\System.ServiceModel.Internals.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1408-0\System.Drawing.Design.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\RulesTab2.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\4fa111e50d95d3e08c2d856a5394af3b\System.Deployment.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\EnableLoopback\59a1f5e7ac4b0e905803332438ede0a4\EnableLoopback.ni.exe (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\netstandard.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security\bde2021ecdaa53585a395f095971633c\System.Security.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Editor.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\GA.Analytics.Monitor.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1cec-0\System.Security.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Addon.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1edc-0\Microsoft.Build.Framework.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\b18-0\System.Web.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\Analytics.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data86569bbf#\058b5c6d514044e05b07d4b113045f72\System.Data.OracleClient.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\8e9f4b8ba90f0dd7ead0f6d3724d12f0\Microsoft.JScript.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\dwebp.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Draw0a54d252#\1add9b3a6e41e9922f7c95ebd442ed4e\System.Drawing.Design.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\Timeline.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.8dc504e4#\51cf3243e3f9124c32bc8614b4bcda4e\System.Web.ApplicationServices.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Be.Windows.Forms.HexBox.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Newtonsoft.Json.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\JXR2PNG.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\11ac-0\EnableLoopback.exeJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\ImportExport\VSWebTestExport.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Utilities.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Common.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Protocol.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1c44-0\System.Deployment.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Plugins\NetworkConnections\Telerik.NetworkConnections.Windows.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Common.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\FSE2.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web\0bc179a6f5376dabed45d64773e7a963\System.Web.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\bb0-0\System.EnterpriseServices.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1260-0\System.Design.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Editor.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Ente96d83b35#\cbb85b2c3ecfe129570a8c187041de31\System.EnterpriseServices.Wrapper.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Syntax.Parsers.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\ce1e4670373608336100bea63bbc8990\System.Numerics.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B3325a29b#\3f8d7f63514ceeaa11244b3e16a3ea5c\Microsoft.Build.Framework.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1f24-0\System.Runtime.Serialization.Formatters.Soap.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\ForceCPU.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dire5d62f0a2#\a2886f8a05c8adae3050b95af3970e92\System.DirectoryServices.Protocols.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\EnableLoopback.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1958-0\System.ComponentModel.DataAnnotations.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1090-0\System.Data.OracleClient.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Syntax.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\604-0\System.Web.ApplicationServices.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\f975db3abcedde8df2408b15e2c6dd09\System.Runtime.Serialization.Formatters.Soap.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt19c51595#\b5d4608754b2d1d4f1d2d3c00cbcdfe0\System.Runtime.Caching.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Ente96d83b35#\cbb85b2c3ecfe129570a8c187041de31\System.EnterpriseServices.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1c30-0\System.Data.SqlXml.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Syntax.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\SimpleFilter.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\78d6922d3a02a93359e189f060d76f47\System.Data.SqlXml.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B83e9cb53#\7192d8df2c3d8228b392f5912e16ebc2\Microsoft.Build.Utilities.v4.0.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsx8D7.tmp\System.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\172c-0\System.Runtime.Serialization.Formatters.Soap.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\aa6a3ae1d00b1eb221bba5375e6387b1\System.ServiceModel.Internals.ni.dll (copy)Jump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\DotNetZip.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Design\e6264fe3334740cf9e7da3afc7d524cc\System.Design.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1e44-0\System.Security.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Common.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Telerik.NetworkConnections.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\uninst.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\744-0\Microsoft.JScript.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\SyntaxView.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\Zopfli.exeJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\TrustCert.exeJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\Tools\PngDistill.exeJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\makecert.exeJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.82d5542b#\9c63130543c9d395491387159924bf83\System.Web.RegularExpressions.ni.dll (copy)Jump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\780-0\System.Runtime.Caching.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\Fiddler\ImportExport\BasicFormats.dllJump to dropped file
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeDropped PE file which has not been started: C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\240-0\SMDiagnostics.dllJump to dropped file
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper TID: 7456Thread sleep time: -922337203685477s >= -30000sJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 7540Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 1916Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 7708Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 2520Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 7532Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 4240Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 3028Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 7116Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 2404Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 4716Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 7440Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 3268Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 7372Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 4348Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 5088Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 5664Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 6352Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 6160Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 7308Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 6812Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 4256Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 7332Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 6488Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 7352Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 8104Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 7308Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 5664Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 7312Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe TID: 5144Thread sleep time: -922337203685477s >= -30000s
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT HypervisorPresent FROM Win32_ComputerSystem
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Family,VirtualizationFirmwareEnabled FROM Win32_Processor
                Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile Volume queried: C:\Users\user\AppData\Local FullSizeInformationJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile Volume queried: C:\Users\user\AppData\Local FullSizeInformationJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeCode function: 1_2_0040687E FindFirstFileW,FindClose,1_2_0040687E
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeCode function: 1_2_00405C2D GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose,1_2_00405C2D
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeCode function: 1_2_00402910 FindFirstFileW,1_2_00402910
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeCode function: 3_2_00402910 FindFirstFileW,3_2_00402910
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeCode function: 3_2_004069DF FindFirstFileW,FindClose,3_2_004069DF
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeCode function: 3_2_00405D8E CloseHandle,GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose,3_2_00405D8E
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperThread delayed: delay time: 922337203685477Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeThread delayed: delay time: 922337203685477
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile opened: C:\Users\userJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile opened: C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditorJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile opened: C:\Users\user\AppData\Local\ProgramsJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile opened: C:\Users\user\AppData\LocalJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile opened: C:\Users\user\AppData\Local\Programs\FiddlerJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeFile opened: C:\Users\user\AppDataJump to behavior
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeAPI call chain: ExitProcess graph end nodegraph_1-3632
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeAPI call chain: ExitProcess graph end nodegraph_1-3634
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeAPI call chain: ExitProcess graph end nodegraph_3-3549
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeAPI call chain: ExitProcess graph end nodegraph_3-3544
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess information queried: ProcessInformationJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperMemory allocated: page read and write | page guardJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\SysWOW64\netsh.exe "C:\Windows\system32\netsh.exe" advfirewall firewall delete rule name="FiddlerProxy"Jump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\SysWOW64\netsh.exe "C:\Windows\system32\netsh.exe" advfirewall firewall add rule name="FiddlerProxy" program="C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe" action=allow profile=any dir=in edge=deferuser protocol=tcp description="Permit inbound connections to Fiddler"Jump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" install "C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe"Jump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" install "C:\Users\user\AppData\Local\Programs\Fiddler\EnableLoopback.exe"Jump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://fiddler2.com/r/?Fiddler2FirstRunJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 1cc -InterruptEvent 0 -NGENProcess 1bc -Pipe 1c8 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 26c -InterruptEvent 0 -NGENProcess 260 -Pipe 268 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 27c -InterruptEvent 0 -NGENProcess 270 -Pipe 278 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 28c -InterruptEvent 0 -NGENProcess 280 -Pipe 288 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 29c -InterruptEvent 0 -NGENProcess 290 -Pipe 298 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2ec -InterruptEvent 0 -NGENProcess 2dc -Pipe 264 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2c8 -InterruptEvent 0 -NGENProcess 2fc -Pipe 290 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2fc -InterruptEvent 0 -NGENProcess 26c -Pipe 2c8 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2f4 -InterruptEvent 0 -NGENProcess 294 -Pipe 304 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 314 -InterruptEvent 0 -NGENProcess 2f0 -Pipe 2ec -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 314 -InterruptEvent 0 -NGENProcess 2f0 -Pipe 2f4 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 308 -InterruptEvent 0 -NGENProcess 2f4 -Pipe 264 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 270 -InterruptEvent 0 -NGENProcess 2dc -Pipe 304 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 270 -InterruptEvent 0 -NGENProcess 330 -Pipe 328 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 320 -Pipe 30c -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 324 -InterruptEvent 0 -NGENProcess 18c -Pipe 330 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2f4 -InterruptEvent 0 -NGENProcess 280 -Pipe 270 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2dc -InterruptEvent 0 -NGENProcess 324 -Pipe 2f4 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 260 -InterruptEvent 0 -NGENProcess 2a4 -Pipe 328 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 328 -InterruptEvent 0 -NGENProcess 338 -Pipe 18c -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2dc -InterruptEvent 0 -NGENProcess 320 -Pipe 334 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 34c -Pipe 31c -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 324 -InterruptEvent 0 -NGENProcess 354 -Pipe 328 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 364 -InterruptEvent 0 -NGENProcess 340 -Pipe 360 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 388 -InterruptEvent 0 -NGENProcess 38c -Pipe 398 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 388 -InterruptEvent 0 -NGENProcess 370 -Pipe 36c -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b4 -InterruptEvent 0 -NGENProcess 3a8 -Pipe 3b0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3ac -InterruptEvent 0 -NGENProcess 3cc -Pipe 394 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3a8 -InterruptEvent 0 -NGENProcess 3ac -Pipe 384 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 3dc -Pipe 3e8 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3a8 -InterruptEvent 0 -NGENProcess 3b4 -Pipe 280 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 38c -InterruptEvent 0 -NGENProcess 3a4 -Pipe 370 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b8 -InterruptEvent 0 -NGENProcess 3d0 -Pipe 3c4 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b8 -InterruptEvent 0 -NGENProcess 3e4 -Pipe 3e0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3ac -InterruptEvent 0 -NGENProcess 3ec -Pipe 3c0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 260 -InterruptEvent 0 -NGENProcess 2a4 -Pipe 328 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d0 -InterruptEvent 0 -NGENProcess 3e4 -Pipe 3ec -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 3bc -Pipe 3b8 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 390 -InterruptEvent 0 -NGENProcess 3d8 -Pipe 3a0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 3ac -Pipe 3d4 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 390 -InterruptEvent 0 -NGENProcess 3d8 -Pipe 3b8 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3e4 -InterruptEvent 0 -NGENProcess 3d0 -Pipe 388 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 38c -InterruptEvent 0 -NGENProcess 3d8 -Pipe 3e4 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 1d4 -InterruptEvent 0 -NGENProcess 1c4 -Pipe 1d0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2a4 -InterruptEvent 0 -NGENProcess 298 -Pipe 2a0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2b4 -InterruptEvent 0 -NGENProcess 2a8 -Pipe 2b0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2c0 -InterruptEvent 0 -NGENProcess 268 -Pipe 2bc -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 260 -InterruptEvent 0 -NGENProcess 264 -Pipe 26c -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2c8 -InterruptEvent 0 -NGENProcess 300 -Pipe 334 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 270 -InterruptEvent 0 -NGENProcess 2b8 -Pipe 2c0 -Comment "NGen Worker Process"Jump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\SysWOW64\netsh.exe "c:\windows\system32\netsh.exe" advfirewall firewall add rule name="fiddlerproxy" program="c:\users\user\appdata\local\programs\fiddler\fiddler.exe" action=allow profile=any dir=in edge=deferuser protocol=tcp description="permit inbound connections to fiddler"
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\SysWOW64\netsh.exe "c:\windows\system32\netsh.exe" advfirewall firewall add rule name="fiddlerproxy" program="c:\users\user\appdata\local\programs\fiddler\fiddler.exe" action=allow profile=any dir=in edge=deferuser protocol=tcp description="permit inbound connections to fiddler"Jump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeQueries volume information: C:\ VolumeInformationJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeQueries volume information: C:\ VolumeInformationJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeQueries volume information: C:\ VolumeInformationJump to behavior
                Source: C:\Windows\SysWOW64\netsh.exeQueries volume information: C:\ VolumeInformationJump to behavior
                Source: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelperQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper VolumeInformationJump to behavior
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\DotNetZip.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\Telerik.NetworkConnections.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\Newtonsoft.Json.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\Analytics.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Utilities.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v4.0.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Caching\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Caching.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Framework\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Tasks.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v4.0.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Internals\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Internals.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\GA.Analytics.Monitor.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\DotNetZip.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Net.Http\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.Http.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\Telerik.NetworkConnections.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\Newtonsoft.Json.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\Analytics.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Utilities.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v4.0.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Caching\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Caching.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Framework\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Design.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Tasks.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v4.0.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Caching\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Caching.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\DotNetZip.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Net.Http\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.Http.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\Telerik.NetworkConnections.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\Newtonsoft.Json.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\Analytics.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Design.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Internals\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Internals.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Internals\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Internals.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Utilities.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v4.0.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Framework\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Framework\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\EnableLoopback.exe VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Users\user\AppData\Local\Programs\Fiddler\EnableLoopback.exe VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll VolumeInformation
                Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exeCode function: 1_2_004034FC EntryPoint,SetErrorMode,GetVersionExW,GetVersionExW,GetVersionExW,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,lstrlenW,wsprintfW,GetFileAttributesW,DeleteFileW,SetCurrentDirectoryW,CopyFileW,OleUninitialize,ExitProcess,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,1_2_004034FC

                Lowering of HIPS / PFW / Operating System Security Settings

                barindex
                Modifies the windows firewall
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\SysWOW64\netsh.exe "C:\Windows\system32\netsh.exe" advfirewall firewall delete rule name="FiddlerProxy"
                Uses netsh to modify the Windows network and firewall settings
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeProcess created: C:\Windows\SysWOW64\netsh.exe "C:\Windows\system32\netsh.exe" advfirewall firewall delete rule name="FiddlerProxy"
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\SecurityCenter2 : AntiVirusProduct
                Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\SecurityCenter2 : AntiVirusProduct
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeRegistry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATIONJump to behavior
                Source: C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exeRegistry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATIONJump to behavior

                Stealing of Sensitive Information

                barindex
                Yara detected PureLog Stealer
                Source: Yara matchFile source: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe, type: DROPPED
                Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\nsoE58F.tmp, type: DROPPED
                Yara detected zgRAT
                Source: Yara matchFile source: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe, type: DROPPED

                Remote Access Functionality

                barindex
                Yara detected PureLog Stealer
                Source: Yara matchFile source: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe, type: DROPPED
                Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\nsoE58F.tmp, type: DROPPED
                Yara detected zgRAT
                Source: Yara matchFile source: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe, type: DROPPED

                Mitre Att&ck Matrix

                ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                Gather Victim Identity Information11
                Scripting                		Valid Accounts31
                Windows Management Instrumentation                		11
                Scripting                		1
                DLL Side-Loading                		21
                Disable or Modify Tools                		OS Credential Dumping3
                File and Directory Discovery                		Remote Services11
                Archive Collected Data                		3
                Ingress Tool Transfer                		Exfiltration Over Other Network Medium1
                System Shutdown/Reboot
                CredentialsDomainsDefault Accounts1
                Command and Scripting Interpreter                		1
                DLL Side-Loading                		1
                DLL Search Order Hijacking                		1
                Deobfuscate/Decode Files or Information                		LSASS Memory25
                System Information Discovery                		Remote Desktop Protocol1
                Clipboard Data                		11
                Encrypted Channel                		Exfiltration Over BluetoothNetwork Denial of Service
                Email AddressesDNS ServerDomain AccountsAt1
                DLL Search Order Hijacking                		1
                Access Token Manipulation                		1
                Obfuscated Files or Information                		Security Account Manager13
                Security Software Discovery                		SMB/Windows Admin SharesData from Network Shared Drive4
                Non-Application Layer Protocol                		Automated ExfiltrationData Encrypted for Impact
                Employee NamesVirtual Private ServerLocal AccountsCron1
                Windows Service                		1
                Windows Service                		1
                Software Packing                		NTDS1
                Process Discovery                		Distributed Component Object ModelInput Capture5
                Application Layer Protocol                		Traffic DuplicationData Destruction
                Gather Victim Network InformationServerCloud AccountsLaunchd1
                Registry Run Keys / Startup Folder                		11
                Process Injection                		1
                Timestomp                		LSA Secrets51
                Virtualization/Sandbox Evasion                		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
                Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts1
                Registry Run Keys / Startup Folder                		1
                DLL Side-Loading                		Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
                DLL Search Order Hijacking                		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
                File Deletion                		Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt31
                Masquerading                		/etc/passwd and /etc/shadowNetwork SniffingDirect Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
                IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron11
                Modify Registry                		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement
                Network Security AppliancesDomainsCompromise Software Dependencies and Development ToolsAppleScriptLaunchdLaunchd51
                Virtualization/Sandbox Evasion                		Input CaptureSystem Network Connections DiscoverySoftware Deployment ToolsRemote Data StagingMail ProtocolsExfiltration Over Unencrypted Non-C2 ProtocolFirmware Corruption
                Gather Victim Org InformationDNS ServerCompromise Software Supply ChainWindows Command ShellScheduled TaskScheduled Task1
                Access Token Manipulation                		KeyloggingProcess DiscoveryTaint Shared ContentScreen CaptureDNSExfiltration Over Physical MediumResource Hijacking
                Determine Physical LocationsVirtual Private ServerCompromise Hardware Supply ChainUnix ShellSystemd TimersSystemd Timers11
                Process Injection                		GUI Input CapturePermission Groups DiscoveryReplication Through Removable MediaEmail CollectionProxyExfiltration over USBNetwork Denial of Service

                Behavior Graph

                Hide Legend

                Legend:

                • Process
                • Signature
                • Created File
                • DNS/IP Info
                • Is Dropped
                • Is Windows Process
                • Number of created Registry Values
                • Number of created Files
                • Visual Basic
                • Delphi
                • Java
                • .Net C# or VB.NET
                • C, C++ or other language
                • Is malicious
                • Internet
                behaviorgraph top1 signatures2 2 Behavior Graph ID: 1430644 Sample: SecuriteInfo.com.Trojan.MSI... Startdate: 24/04/2024 Architecture: WINDOWS Score: 40 88 Malicious sample detected (through community Yara rule) 2->88 90 Yara detected PureLog Stealer 2->90 92 Yara detected zgRAT 2->92 94 2 other signatures 2->94 9 SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe 17 2->9         started        process3 file4 48 C:\Users\user\AppData\...\FiddlerSetup.exe, PE32 9->48 dropped 12 FiddlerSetup.exe 38 135 9->12         started        process5 file6 68 C:\Users\user\AppData\Local\...\Fiddler.exe, PE32 12->68 dropped 70 C:\Users\user\AppData\Local\...\nsoE58F.tmp, data 12->70 dropped 72 C:\Users\user\AppData\Local\...\System.dll, PE32 12->72 dropped 74 46 other files (none is malicious) 12->74 dropped 96 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 12->96 98 Uses netsh to modify the Windows network and firewall settings 12->98 100 Modifies the windows firewall 12->100 16 ngen.exe 5 4 12->16         started        19 ngen.exe 5 4 12->19         started        21 chrome.exe 12->21         started        24 3 other processes 12->24 signatures7 process8 dnsIp9 86 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 16->86 26 mscorsvw.exe 16->26         started        29 mscorsvw.exe 16->29         started        31 mscorsvw.exe 16->31         started        40 41 other processes 16->40 33 mscorsvw.exe 19->33         started        35 mscorsvw.exe 19->35         started        42 6 other processes 19->42 76 192.168.2.7, 123, 138, 443 unknown unknown 21->76 78 239.255.255.250 unknown Reserved 21->78 37 chrome.exe 21->37         started        44 3 other processes 24->44 signatures10 process11 dnsIp12 50 C:\Windows\...\System.EnterpriseServices.dll, PE32+ 26->50 dropped 54 3 other files (none is malicious) 26->54 dropped 56 2 other files (none is malicious) 29->56 dropped 58 2 other files (none is malicious) 31->58 dropped 60 2 other files (none is malicious) 33->60 dropped 62 2 other files (none is malicious) 35->62 dropped 80 s.twitter.com 104.244.42.131, 443, 49927, 49928 TWITTERUS United States 37->80 82 t.co 104.244.42.69, 443, 49924, 49925 TWITTERUS United States 37->82 84 64 other IPs or domains 37->84 52 C:\...\Microsoft.Build.Utilities.v4.0.dll, PE32+ 40->52 dropped 64 31 other files (none is malicious) 40->64 dropped 46 conhost.exe 40->46         started        66 4 other files (none is malicious) 42->66 dropped file13 process14

                Screenshots

                Thumbnails

                This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                windows-stand

                Antivirus, Machine Learning and Genetic Malware Detection

                Initial Sample

                SourceDetectionScannerLabelLink
                SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe3%ReversingLabs

                Dropped Files

                SourceDetectionScannerLabelLink
                C:\Users\user\AppData\Local\Programs\Fiddler\Analytics.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Be.Windows.Forms.HexBox.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\DotNetZip.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\EnableLoopback.exe0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\ExecAction.exe3%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe3%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\ForceCPU.exe0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\GA.Analytics.Monitor.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\ImportExport\BasicFormats.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\ImportExport\VSWebTestExport.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Common.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Editor.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Syntax.Schemes.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Syntax.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\Standard.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\SyntaxView.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Newtonsoft.Json.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Plugins\NetworkConnections\Telerik.NetworkConnections.Windows.dll2%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\Analytics.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\FSE2.exe0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\GA.Analytics.Monitor.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Common.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Editor.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Syntax.Parsers.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Syntax.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Addon.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Connection.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Protocol.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Utilities.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Common.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Editor.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Syntax.Parsers.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Syntax.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\RulesTab2.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\SimpleFilter.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\Timeline.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\netstandard.dll0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Telerik.NetworkConnections.dll2%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Tools\Brotli.exe0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Tools\JXR2PNG.exe3%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Tools\PngDistill.exe0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Tools\Zopfli.exe3%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\Tools\dwebp.exe0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\TrustCert.exe0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\makecert.exe0%ReversingLabs
                C:\Users\user\AppData\Local\Programs\Fiddler\uninst.exe0%ReversingLabs
                C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe3%ReversingLabs
                C:\Users\user\AppData\Local\Temp\nsx8D7.tmp\System.dll0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B3325a29b#\3f8d7f63514ceeaa11244b3e16a3ea5c\Microsoft.Build.Framework.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B83e9cb53#\7192d8df2c3d8228b392f5912e16ebc2\Microsoft.Build.Utilities.v4.0.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\8e9f4b8ba90f0dd7ead0f6d3724d12f0\Microsoft.JScript.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\1936f2ecbcf18cda53f04b49073cf801\SMDiagnostics.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Comp46f2b404#\70bed732cba41d298e54cc0a935a935b\System.ComponentModel.DataAnnotations.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\78d6922d3a02a93359e189f060d76f47\System.Data.SqlXml.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data86569bbf#\058b5c6d514044e05b07d4b113045f72\System.Data.OracleClient.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\4fa111e50d95d3e08c2d856a5394af3b\System.Deployment.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Design\e6264fe3334740cf9e7da3afc7d524cc\System.Design.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dire5d62f0a2#\a2886f8a05c8adae3050b95af3970e92\System.DirectoryServices.Protocols.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Draw0a54d252#\1add9b3a6e41e9922f7c95ebd442ed4e\System.Drawing.Design.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Ente96d83b35#\cbb85b2c3ecfe129570a8c187041de31\System.EnterpriseServices.Wrapper.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Ente96d83b35#\cbb85b2c3ecfe129570a8c187041de31\System.EnterpriseServices.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\ce1e4670373608336100bea63bbc8990\System.Numerics.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt19c51595#\b5d4608754b2d1d4f1d2d3c00cbcdfe0\System.Runtime.Caching.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\f975db3abcedde8df2408b15e2c6dd09\System.Runtime.Serialization.Formatters.Soap.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security\bde2021ecdaa53585a395f095971633c\System.Security.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\aa6a3ae1d00b1eb221bba5375e6387b1\System.ServiceModel.Internals.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.82d5542b#\9c63130543c9d395491387159924bf83\System.Web.RegularExpressions.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.8dc504e4#\51cf3243e3f9124c32bc8614b4bcda4e\System.Web.ApplicationServices.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web\0bc179a6f5376dabed45d64773e7a963\System.Web.ni.dll (copy)0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1090-0\System.Data.OracleClient.dll0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1260-0\System.Design.dll0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1280-0\System.Web.RegularExpressions.dll0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1408-0\System.Drawing.Design.dll0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1454-0\System.Numerics.dll0%ReversingLabs
                C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\172c-0\System.Runtime.Serialization.Formatters.Soap.dll0%ReversingLabs

                Unpacked PE Files

                No Antivirus matches

                Domains

                No Antivirus matches

                URLs

                SourceDetectionScannerLabelLink
                http://exslt.org/common0%URL Reputationsafe
                https://www.clarity.ms/tag/uet/0%URL Reputationsafe
                http://www.fiddler2.com/sandbox/FormAndCookie.asp0%Avira URL Cloudsafe
                http://fiddler2.com/r/?Fiddler2FirstRunP0%Avira URL Cloudsafe
                http://fiddler2.com/r/?Fiddler2FirstRunz0%Avira URL Cloudsafe
                http://fiddler2.com/r/?Fiddler2FirstRunR0%Avira URL Cloudsafe
                about:blank0%Avira URL Cloudsafe
                http://fiddler2.com/r/?Fiddler2FirstRun_0%Avira URL Cloudsafe
                http://fiddler2.com/surveys/SurveysBaseUri0%Avira URL Cloudsafe
                http://fiddler2.com/r/?quickexec0%Avira URL Cloudsafe
                https://fiddler2.com/r/?credits0%Avira URL Cloudsafe
                http://fiddler2.com/r/?id=bitness)0%Avira URL Cloudsafe
                http://fiddler2.com/r/?Fiddler2FirstRunl0%Avira URL Cloudsafe
                http://127.0.0.1:0%Avira URL Cloudsafe
                http://www.fiddlerbook.com/fiddler/help/http/headers.asp?query=0%Avira URL Cloudsafe
                http://fiddler2.com/r/?SYNTAXVIEWINSTALL0%Avira URL Cloudsafe
                http://fiddler2.com/r/?Fiddler2FirstRunert0%Avira URL Cloudsafe
                https://rum-collector-2.pingdom.net/img/beacon.gif?id=54328dddabe53db9497b23c6&sAW=1280&sAH=984&bIW=1034&bIH=870&pD=24&dPR=1&or=landscape-primary&nT=1&rC=0&nS=0&cS=13&cE=434&dLE=13&dLS=13&fS=4&hS=14&rE=-1&rS=-1&reS=434&resS=1091&resE=1520&uEE=1137&uES=1137&dL=1156&dI=1751&dCLES=1751&dCLEE=1754&dC=8300&lES=8308&lEE=8310&s=nt&title=First%20run&path=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&sId=zaewourn&sST=1713915006&sIS=1&rV=0&v=1.4.10%Avira URL Cloudsafe
                http://html4/loose.dtd0%Avira URL Cloudsafe
                http://www.URLtoDownloadFrom.net0%Avira URL Cloudsafe
                http://www.contoso.com/0%Avira URL Cloudsafe
                http://www.someserver.com/upload.aspx0%Avira URL Cloudsafe
                http://fiddler2.com/r/?id=bitness0%Avira URL Cloudsafe
                http://fiddler2.com/r/?FiddlerLog0%Avira URL Cloudsafe
                http://fiddler2.com/0%Avira URL Cloudsafe
                http://fiddler2.com/r/?Fiddler2FirstRunfbw0%Avira URL Cloudsafe
                http://www.bouncycastle.org)0%Avira URL Cloudsafe
                http://fiddler2.com/r/?FiddlerSandboxSOFTWARE0%Avira URL Cloudsafe
                http://.css0%Avira URL Cloudsafe
                http://www.qwhale.net/products/editor.htm0%Avira URL Cloudsafe
                http://fiddler2.com/fiddlercore0%Avira URL Cloudsafe
                http://.jpg0%Avira URL Cloudsafe
                http://getfiddler.com/0%Avira URL Cloudsafe
                about:srcdoc0%Avira URL Cloudsafe

                Domains and IPs

                Contacted Domains

                NameIPActiveMaliciousAntivirus DetectionReputation
                telerik.com
                		50.56.19.112
                		truefalse
                  		high
                  d6vtbcy3ong79.cloudfront.net
                  		13.226.251.88
                  		truefalse
                    		high
                    sni1gl.wpc.gammacdn.net
                    		152.195.19.97
                    		truefalse
                      		unknown
                      p01f.t.eloqua.com
                      		192.29.11.142
                      		truefalse
                        		high
                        euob.ytwohlcq.telerik.com
                        		18.154.206.13
                        		truefalse
                          		high
                          platform.twitter.map.fastly.net
                          		146.75.92.157
                          		truefalse
                            		unknown
                            stats.g.doubleclick.net
                            		142.251.2.156
                            		truefalse
                              		high
                              scontent.xx.fbcdn.net
                              		31.13.70.7
                              		truefalse
                                		high
                                privacyportal.onetrust.com
                                		104.18.32.137
                                		truefalse
                                  		high
                                  rum-static.pingdom.net
                                  		104.22.54.104
                                  		truefalse
                                    		unknown
                                    t.co
                                    		104.244.42.69
                                    		truefalse
                                      		high
                                      script.hotjar.com
                                      		13.226.225.31
                                      		truefalse
                                        		high
                                        cdnjs.cloudflare.com
                                        		104.17.25.14
                                        		truefalse
                                          		high
                                          www.google.com
                                          		142.250.141.99
                                          		truefalse
                                            		high
                                            q.quora.com
                                            		52.200.154.95
                                            		truefalse
                                              		high
                                              static-cdn.hotjar.com
                                              		18.65.25.57
                                              		truefalse
                                                		high
                                                star-mini.c10r.facebook.com
                                                		31.13.70.36
                                                		truefalse
                                                  		high
                                                  s.twitter.com
                                                  		104.244.42.131
                                                  		truefalse
                                                    		high
                                                    bcltest2.b-cdn.net
                                                    		143.244.50.82
                                                    		truefalse
                                                      		high
                                                      obseu.ytwohlcq.telerik.com
                                                      		3.248.162.96
                                                      		truefalse
                                                        		high
                                                        d585tldpucybw.cloudfront.net
                                                        		108.139.9.18
                                                        		truefalse
                                                          		high
                                                          d2no1x7oj2rkdb.cloudfront.net
                                                          		18.65.25.14
                                                          		truefalse
                                                            		high
                                                            prod-dem-collector-elb-611025824.eu-west-1.elb.amazonaws.com
                                                            		34.245.244.146
                                                            		truefalse
                                                              		high
                                                              googleads.g.doubleclick.net
                                                              		142.251.2.155
                                                              		truefalse
                                                                		high
                                                                qualdnt.b-cdn.net
                                                                		143.244.50.213
                                                                		truefalse
                                                                  		high
                                                                  part-0041.t-0009.t-msedge.net
                                                                  		13.107.213.69
                                                                  		truefalse
                                                                    		unknown
                                                                    td.doubleclick.net
                                                                    		74.125.137.156
                                                                    		truefalse
                                                                      		high
                                                                      analytics.google.com
                                                                      		142.251.2.139
                                                                      		truefalse
                                                                        		high
                                                                        dtzbdy9anri2p.cloudfront.net
                                                                        		52.85.205.195
                                                                        		truefalse
                                                                          		high
                                                                          fiddler2.com
                                                                          		50.56.19.116
                                                                          		truefalse
                                                                            		unknown
                                                                            unpkg.com
                                                                            		104.17.246.203
                                                                            		truefalse
                                                                              		high
                                                                              cdn.cookielaw.org
                                                                              		104.19.178.52
                                                                              		truefalse
                                                                                		high
                                                                                geolocation.onetrust.com
                                                                                		104.18.32.137
                                                                                		truefalse
                                                                                  		high
                                                                                  geo.qualaroo.com
                                                                                  		3.211.190.76
                                                                                  		truefalse
                                                                                    		high
                                                                                    api.insight.sitefinity.com
                                                                                    		52.252.156.53
                                                                                    		truefalse
                                                                                      		high
                                                                                      static.ads-twitter.com
                                                                                      		unknown
                                                                                      		unknownfalse
                                                                                        		unknown
                                                                                        a.quora.com
                                                                                        		unknown
                                                                                        		unknownfalse
                                                                                          		high
                                                                                          s1325.t.eloqua.com
                                                                                          		unknown
                                                                                          		unknownfalse
                                                                                            		high
                                                                                            www.telerik.com
                                                                                            		unknown
                                                                                            		unknownfalse
                                                                                              		high
                                                                                              static.hotjar.com
                                                                                              		unknown
                                                                                              		unknownfalse
                                                                                                		high
                                                                                                cl.qualaroo.com
                                                                                                		unknown
                                                                                                		unknownfalse
                                                                                                  		high
                                                                                                  c.clarity.ms
                                                                                                  		unknown
                                                                                                  		unknownfalse
                                                                                                    		unknown
                                                                                                    www.facebook.com
                                                                                                    		unknown
                                                                                                    		unknownfalse
                                                                                                      		high
                                                                                                      www.clarity.ms
                                                                                                      		unknown
                                                                                                      		unknownfalse
                                                                                                        		unknown
                                                                                                        img.en25.com
                                                                                                        		unknown
                                                                                                        		unknownfalse
                                                                                                          		high
                                                                                                          www.linkedin.com
                                                                                                          		unknown
                                                                                                          		unknownfalse
                                                                                                            		high
                                                                                                            www.clickcease.com
                                                                                                            		unknown
                                                                                                            		unknownfalse
                                                                                                              		high
                                                                                                              rum-collector-2.pingdom.net
                                                                                                              		unknown
                                                                                                              		unknownfalse
                                                                                                                		unknown
                                                                                                                d.clarity.ms
                                                                                                                		unknown
                                                                                                                		unknownfalse
                                                                                                                  		unknown
                                                                                                                  connect.facebook.net
                                                                                                                  		unknown
                                                                                                                  		unknownfalse
                                                                                                                    		high
                                                                                                                    px.ads.linkedin.com
                                                                                                                    		unknown
                                                                                                                    		unknownfalse
                                                                                                                      		high
                                                                                                                      analytics.twitter.com
                                                                                                                      		unknown
                                                                                                                      		unknownfalse
                                                                                                                        		high
                                                                                                                        dntcl.qualaroo.com
                                                                                                                        		unknown
                                                                                                                        		unknownfalse
                                                                                                                          		high
                                                                                                                          snap.licdn.com
                                                                                                                          		unknown
                                                                                                                          		unknownfalse
                                                                                                                            		high
                                                                                                                            cdn.insight.sitefinity.com
                                                                                                                            		unknown
                                                                                                                            		unknownfalse
                                                                                                                              		high

                                                                                                                              Contacted URLs

                                                                                                                              NameMaliciousAntivirus DetectionReputation
                                                                                                                              https://www.telerik.com/RestApi/personalizations/render?pageNodeId=5ceb4be1-05bd-4c69-892a-2c2bbd37538b&pageDataId=1f960fad-aef2-4475-8978-52fb7a29dbc9&pageNodeKey=5CEB4BE1-05BD-4C69-892A-2C2BBD37538B/b31ca85c-a1c5-4a9d-8b5d-e7b0736a8b16/SitefinitySiteMap&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&controls=09f9bb4f-5990-40af-b361-7849c73c9604_1,0cd3f511-e7d9-4e23-8773-26005ae09893_1,25637a62-a321-49a0-8b7e-5962dc977e95_1,6b5ac4dc-8fd0-4043-bd0a-e9ffd31e3bc8_1&correlationId=lvd0q0oezinv502q4ffalse
                                                                                                                                		high
                                                                                                                                https://s1325.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1325&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref2=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tzo=-60&ms=36&optin=disabledfalse
                                                                                                                                  		high
                                                                                                                                  https://www.telerik.com/webapi/Announcements/GetPromo?url=https://www.telerik.com/download/fiddler/first-runfalse
                                                                                                                                    		high
                                                                                                                                    about:blankfalse
                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                    		low
                                                                                                                                    https://www.telerik.com/RestApi/personalizations/render?pageNodeId=5ceb4be1-05bd-4c69-892a-2c2bbd37538b&pageDataId=1f960fad-aef2-4475-8978-52fb7a29dbc9&pageNodeKey=5CEB4BE1-05BD-4C69-892A-2C2BBD37538B/b31ca85c-a1c5-4a9d-8b5d-e7b0736a8b16/SitefinitySiteMap&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&controls=09f9bb4f-5990-40af-b361-7849c73c9604_1,0cd3f511-e7d9-4e23-8773-26005ae09893_1,25637a62-a321-49a0-8b7e-5962dc977e95_1,6b5ac4dc-8fd0-4043-bd0a-e9ffd31e3bc8_1&correlationId=lvd0qj2kn097okrw3nnfalse
                                                                                                                                      		high
                                                                                                                                      https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9JSNBCSF54&cid=925834404.1713914987&gtm=45je44m0v9167661709z8536291za200&aip=1&dma=0&gcs=G111&gcd=13v3v3v3v5&npa=0false
                                                                                                                                        		high
                                                                                                                                        https://d6vtbcy3ong79.cloudfront.net/telerik-navigation/3.5.25/js/index.min.mjsfalse
                                                                                                                                          		high
                                                                                                                                          https://s1325.t.eloqua.com/visitor/v200/svrGP?pps=70&siteid=1325false
                                                                                                                                            		high
                                                                                                                                            https://s1325.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1325&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref2=elqNone&tzo=-60&ms=762&optin=disabled&elqCookie=1false
                                                                                                                                              		high
                                                                                                                                              http://www.telerik.com/download/fiddler/first-runfalse
                                                                                                                                                		high
                                                                                                                                                https://rum-collector-2.pingdom.net/img/beacon.gif?id=54328dddabe53db9497b23c6&sAW=1280&sAH=984&bIW=1034&bIH=870&pD=24&dPR=1&or=landscape-primary&nT=1&rC=0&nS=0&cS=13&cE=434&dLE=13&dLS=13&fS=4&hS=14&rE=-1&rS=-1&reS=434&resS=1091&resE=1520&uEE=1137&uES=1137&dL=1156&dI=1751&dCLES=1751&dCLEE=1754&dC=8300&lES=8308&lEE=8310&s=nt&title=First%20run&path=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&sId=zaewourn&sST=1713915006&sIS=1&rV=0&v=1.4.1false
                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                		unknown
                                                                                                                                                https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1853818599.1713914998&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&dma=0&npa=0&gtm=45je44m0v9167661709z8536291za200&auid=571138784.1713914988false
                                                                                                                                                  		high
                                                                                                                                                  https://q.quora.com/_/ad/f3942e2f1f7d449b81784d171e274880/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-runfalse
                                                                                                                                                    		high
                                                                                                                                                    https://cdn.cookielaw.org/consent/3dfce4f2-dab6-4128-9f33-df7e0597da82/8b69118b-3606-49f3-8c41-2718141b484d/en.jsonfalse
                                                                                                                                                      		high
                                                                                                                                                      https://script.hotjar.com/modules.588629dd3c10b20ab52d.jsfalse
                                                                                                                                                        		high
                                                                                                                                                        https://cl.qualaroo.com/ki.js/24100/4Nr.jsfalse
                                                                                                                                                          		high
                                                                                                                                                          https://www.google.com/pagead/1p-conversion/975652292/?label=p4zxCNq_8IkYEMSLndED&guid=ON&script=0&ct_cookie_present=false&random=410509906&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQIiAQFAAQ&pscrd=CLnc9JHh-P76OCITCIaknPO-2YUDFcT8_QUdYDUDfjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhhodHRwczovL3d3dy50ZWxlcmlrLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqm_2Y7mhgr_4TT706Z25qzJIIuEtEWsQVeg8mFAIyjSrn8yEj&random=4068442111false
                                                                                                                                                            		high
                                                                                                                                                            https://d6vtbcy3ong79.cloudfront.net/fonts/2.2.7/metric/Metric-Semibold.woff2false
                                                                                                                                                              		high
                                                                                                                                                              https://connect.facebook.net/signals/config/1444093252502226?v=2.9.154&r=stable&domain=www.telerik.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105false
                                                                                                                                                                		high
                                                                                                                                                                https://www.telerik.com/WebResource.axd?d=wnB2OjhYopty-dCFa4b2kKCIWGgLoaj0QQ4I7F_PiSysmtqnVBUtsGpmlAymZDgXEXdRjhe5BdfNkuyybLSHMhRnbzI9oh6WXC-y-EwOrJPY0qCvfWaOo0ltV4TVm8apzRlzF5O244Y4u7-m5V8Vv2yC1Tun7PurVRoOxfv28sPwY-isOJNAi7MSqc1tycGYAkqZXHU_zlVNorSTBDv4W4jemDM1&t=638477158040000000false
                                                                                                                                                                  		high
                                                                                                                                                                  https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=&if=false&ts=1713914994454&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914993541&coo=false&rqm=FGETfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://unpkg.com/web-vitals/dist/web-vitals.iife.jsfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://dtzbdy9anri2p.cloudfront.net/cache/b6ce06a57a51347c21d7af30873baa8620408fd6/telerik/css/style.cssfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://obseu.ytwohlcq.telerik.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126bedce34ef478a9d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37950aa2084ba5f7ff35b7b1a2d18c8c9077af562b7818fbd1910fa0a9fc95df820da75c45b956279f02b01f2040e0228d2595fe69fe0a100ba2f965f980cf64d766dbad1276140023df819958d45a95f60e8e4e47116253bc6f57662d4dd09012b4576190bb98e32606d64f5ac183bd5b4f02d97fe58740f30b9e4f0d58a7dacd9db0ee35fc95f6f6bc9ecc8b6f03dc5d8e23d97320fd9ad9d784a40ff6939ac820876b08de97e8a03fa42ae965d8013d9c56d9c7c71d6da2dc77ad795afedcbbabf4c68af74a8e8a5744e60e3943dcceb13e75a1058830906d092cecccaec9426873ac792f5c638e87b3b6cd7366b8493925f2adca82bf853b5c11fd837ae3d1a0b63fd76f14ddc87f62cf6c72fc45cbfd9929b77895d437ded590413260974d1ba71a51d99819231b0d273fa9e2bca89e0b27c82bfaa596b6b84e75347ddfa0d5104f2e2e524bb6cc3a81fabfd6cf722b22d87008c06ddba58924672a6f7c974232d3e526c520b46eeb8d332c008a5075c5f3bafe53c83c14d52bac18ba8b67ecbefe1f485fcabf14f513dfc4685bf586a8a4b6209cb710b231faa22fa285dbbbfd3699861c9248caa2fc4b90990720b25250162129dc0e1da3a7354990a59879185a9baa152059eb0bd6197cf7379d0ce133c69fa91c55721b72483439c06fe3c9d16c7d515f8ba5ffe89dc97c11370e5f23a7d8371a78eb9aa129564330841d0151536f6fb3686b711cccdc2ae1edf9b95704b6e13ac37b904b454b5806a9f334728493d633f9633c7f56635c61dc7f3f569a8bb289e6861eb5425788de2c30b44ef76f48d19db0338084da25b57f3cbbf1ebd165ec7dd67a2d6dca8925ec81f157407f81c484e8ed24805a836e7e2d379de97bd72022ff32e79575aad4207bfc6b00a1b927e6387c2c553c3d5bacf5922a622fb5a3b44c64f3f6d958d510399dce0caf0f24ea328ac6ec9379ecc5195fff22a2bfdd90391cbfca0cef0cadf6b01dfa4375f9b23805bde4cebe52cacd3df8c32cbc6a7a4a41520cdbfb1ec499705d411432f&cri=JFpDhY30Gl&ts=1709&cb=1713914999226false
                                                                                                                                                                          		high
                                                                                                                                                                          https://dntcl.qualaroo.com/frame.htmlfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111455-1&cid=925834404.1713914987&jid=1541579741&gjid=934141005&_gid=1225407003.1713914987&_u=aGBAiEABBAAAAGAFKC~&z=2074653487false
                                                                                                                                                                              		high
                                                                                                                                                                              about:srcdocfalse
                                                                                                                                                                              • Avira URL Cloud: safe
                                                                                                                                                                              		low
                                                                                                                                                                              https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.jsfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://www.telerik.com/favicon.ico?v=rebv1false
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://d6vtbcy3ong79.cloudfront.net/telerik-navigation/3.5.25/css/index.min.cssfalse
                                                                                                                                                                                    		high

                                                                                                                                                                                    URLs from Memory and Binaries

                                                                                                                                                                                    NameSourceMaliciousAntivirus DetectionReputation
                                                                                                                                                                                    https://fiddler2.com/r/?creditsFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    http://www.fiddler2.com/sandbox/FormAndCookie.aspFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    http://fiddler2.com/r/?id=bitness)FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    http://fiddler2.com/surveys/SurveysBaseUriFiddler.pdb.3.drfalse
                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    http://ajax.aspnetcdn.com/ajax/4.6/1/DetailsView.jsTSystem.Web.dll.35.drfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      http://fiddler2.com/r/?Fiddler2FirstRun_FiddlerSetup.exe, 00000003.00000002.2525824876.000000000064A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      https://ampcid.google.com/v1/publisher:getClientIdchromecache_340.27.drfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        http://fiddler.wikidot.com/prefsFiddler.exe.3.drfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          http://fiddler2.com/r/?Fiddler2FirstRunRFiddlerSetup.exe, 00000003.00000002.2525824876.000000000064A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                                                          		unknown
                                                                                                                                                                                          http://fiddler2.com/r/?Fiddler2FirstRunPFiddlerSetup.exe, 00000003.00000002.2525824876.000000000064A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                                                          		unknown
                                                                                                                                                                                          http://www.opensource.org/licenses/mit-license.phpFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            http://groups.google.com/group/http-archive-specification/FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://www.telerik.com/blogs/fiddlercore-for-net-standard-and-fiddler-orchestra-the-future-of-fiddlFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                http://commons.apache.org/proper/commons-compress/FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  http://nsis.sourceforge.net/Main_PageFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://stats.g.doubleclick.net/j/collectchromecache_340.27.drfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      http://fiddler2.com/r/?Fiddler2FirstRunzFiddlerSetup.exe, 00000003.00000002.2525824876.00000000005F8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://fiddler2.com/r/?quickexecFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, SampleRules.cs.3.drfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://fiddler2.com/r/?Fiddler2FirstRunlFiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://ajax.aspnetcdn.com/ajax/4.6/1/GridView.jsTSystem.Web.dll.35.drfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://www.nuget.org/packages/DotNetZip/FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          http://www.telerik.com/fiddlerSecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exefalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            http://ajax.aspnetcdn.com/ajax/4.6/1/WebForms.jsSystem.Web.dll.35.drfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              https://www.progress.com/legal/privacy-policy).FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                http://www.entrust.net/rpa03FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  http://www.google.com/bot.html)FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, SampleRules.cs.3.drfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    http://exslt.org/commonSystem.Data.SqlXml.dll.29.drfalse
                                                                                                                                                                                                                    • URL Reputation: safe
                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                    https://github.com/google/zopfli/commit/720b20e8db19ea90b38edce82aca52815edf8c1aFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      http://ajax.aspnetcdn.com/ajax/4.6/1/WebParts.jsTSystem.Web.dll.35.drfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        http://www.fiddlerbook.com/fiddler/help/http/headers.asp?query=FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                                        http://ajax.aspnetcdn.com/ajax/4.6/1/Focus.jsTSystem.Web.dll.35.drfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          http://www.symauth.com/cps0(FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Telerik.NetworkConnections.dll.3.drfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            http://127.0.0.1:FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                                                                                                            		unknown
                                                                                                                                                                                                                            http://sourceforge.net/projects/hexbox/FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              http://www.symauth.com/rpa00FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Telerik.NetworkConnections.dll.3.drfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                http://www.URLtoDownloadFrom.netFiddlerSetup.exe, 00000003.00000002.2527704098.00000000029A6000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.Parsers.dll0.3.drfalse
                                                                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                                                                		unknown
                                                                                                                                                                                                                                http://www.contoso.com/FiddlerSetup.exe, 00000003.00000002.2527704098.00000000029A6000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.Parsers.dll0.3.drfalse
                                                                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                                                                		unknown
                                                                                                                                                                                                                                http://www.someserver.com/upload.aspxFiddlerSetup.exe, 00000003.00000002.2527704098.00000000029A6000.00000004.00000020.00020000.00000000.sdmp, QWhale.Syntax.Parsers.dll0.3.drfalse
                                                                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                                                                		unknown
                                                                                                                                                                                                                                http://fiddler2.com/r/?SYNTAXVIEWINSTALLFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                                                                		unknown
                                                                                                                                                                                                                                http://ajax.aspnetcdn.com/ajax/4.6/1/WebUIValidation.jsTSystem.Web.dll.35.drfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  http://crl.entrust.net/2048ca.crl0FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    http://fiddler2.com/r/?Fiddler2FirstRunertFiddlerSetup.exe, 00000003.00000002.2525824876.00000000005DC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                                    http://html4/loose.dtdFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                                                                    		low
                                                                                                                                                                                                                                    http://fiddler2.com/r/?id=bitnessFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                                    http://fiddler2.com/r/?FiddlerLogFiddlerSetup.exe, 00000003.00000002.2527704098.00000000027DA000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                                    http://fiddler2.com/fiddlercoreFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, SampleRules.cs.3.drfalse
                                                                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                                    https://github.com/ymnk/jzlibFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      http://curl.haxx.se/FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002ADB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        https://www.clarity.ms/tag/uet/chromecache_302.27.drfalse
                                                                                                                                                                                                                                        • URL Reputation: safe
                                                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                                                        http://fiddler2.com/r/?Fiddler2FirstRunfbwFiddlerSetup.exe, 00000003.00000002.2525824876.000000000064A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                                                        http://.cssFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                                                                                                                        		low
                                                                                                                                                                                                                                        http://ajax.aspnetcdn.com/ajax/4.6/1/Menu.jsTSystem.Web.dll.35.drfalse
                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                          http://www.qwhale.net/products/editor.htmFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                                                                                                          		unknown
                                                                                                                                                                                                                                          https://cdn.cookielaw.org/vendorlist/googleData.jsonchromecache_274.27.drfalse
                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                            http://ajax.aspnetcdn.com/ajax/4.6/1/MenuStandards.jsTSystem.Web.dll.35.drfalse
                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                              http://fiddler2.com/FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                              • Avira URL Cloud: safe
                                                                                                                                                                                                                                              		unknown
                                                                                                                                                                                                                                              http://crl.thawte.com/ThawteTimestampingCA.crl0FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drfalse
                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                https://servicestack.netchromecache_292.27.drfalse
                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                  http://www.fatcow.com/free-iconsFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                    http://blogs.msdn.com/ieinternals/archive/2009/07/20/Using-post_2D00_check-and-pre_2D00_check-cache-FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                      http://ajax.aspnetcdn.com/ajax/4.6/1/TreeView.jsTSystem.Web.dll.35.drfalse
                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                        https://cdn.cookielaw.org/vendorlist/iab2Data.jsonchromecache_274.27.drfalse
                                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                                          http://fiddler2.com/r/?FiddlerSandboxSOFTWAREFiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                                                                                                                          		unknown
                                                                                                                                                                                                                                                          http://www.bouncycastle.org)FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                                                                                                                          		low
                                                                                                                                                                                                                                                          http://crl.entrust.net/ts1ca.crl0FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, GA.Analytics.Monitor.dll0.3.dr, Telerik.NetworkConnections.dll.3.drfalse
                                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                                            http://.jpgFiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                                                                                                                                            		low
                                                                                                                                                                                                                                                            https://github.com/google/zopfli0FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                                              http://getfiddler.com/FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, FiddlerSetup.exe, 00000003.00000002.2525824876.0000000000578000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                              • Avira URL Cloud: safe
                                                                                                                                                                                                                                                              		unknown
                                                                                                                                                                                                                                                              http://aia.entrust.net/ts1-chain256.cer01FiddlerSetup.exe, 00000003.00000002.2527704098.0000000002718000.00000004.00000020.00020000.00000000.sdmp, Telerik.NetworkConnections.dll.3.drfalse
                                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                                https://googleads.g.doubleclick.netchromecache_301.27.drfalse
                                                                                                                                                                                                                                                                  		high

                                                                                                                                                                                                                                                                  World Map of Contacted IPs

                                                                                                                                                                                                                                                                  • No. of IPs < 25%
                                                                                                                                                                                                                                                                  • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                                  • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                                  • 75% < No. of IPs

                                                                                                                                                                                                                                                                  Public IPs

                                                                                                                                                                                                                                                                  IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                                  192.29.11.142
                                                                                                                                                                                                                                                                  		p01f.t.eloqua.comUnited States
                                                                                                                                                                                                                                                                  		31898ORACLE-BMC-31898USfalse
                                                                                                                                                                                                                                                                  3.211.190.76
                                                                                                                                                                                                                                                                  		geo.qualaroo.comUnited States
                                                                                                                                                                                                                                                                  		14618AMAZON-AESUSfalse
                                                                                                                                                                                                                                                                  18.65.25.57
                                                                                                                                                                                                                                                                  		static-cdn.hotjar.comUnited States
                                                                                                                                                                                                                                                                  		3MIT-GATEWAYSUSfalse
                                                                                                                                                                                                                                                                  52.252.156.53
                                                                                                                                                                                                                                                                  		api.insight.sitefinity.comUnited States
                                                                                                                                                                                                                                                                  		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                                  18.65.25.14
                                                                                                                                                                                                                                                                  		d2no1x7oj2rkdb.cloudfront.netUnited States
                                                                                                                                                                                                                                                                  		3MIT-GATEWAYSUSfalse
                                                                                                                                                                                                                                                                  74.125.137.156
                                                                                                                                                                                                                                                                  		td.doubleclick.netUnited States
                                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                  34.240.56.220
                                                                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                                                                  		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                  50.56.19.116
                                                                                                                                                                                                                                                                  		fiddler2.comUnited States
                                                                                                                                                                                                                                                                  		19994RACKSPACEUSfalse
                                                                                                                                                                                                                                                                  104.18.32.137
                                                                                                                                                                                                                                                                  		privacyportal.onetrust.comUnited States
                                                                                                                                                                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                  108.139.9.18
                                                                                                                                                                                                                                                                  		d585tldpucybw.cloudfront.netUnited States
                                                                                                                                                                                                                                                                  		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                  142.250.141.106
                                                                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                  142.250.141.104
                                                                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                  50.56.19.112
                                                                                                                                                                                                                                                                  		telerik.comUnited States
                                                                                                                                                                                                                                                                  		19994RACKSPACEUSfalse
                                                                                                                                                                                                                                                                  13.226.251.88
                                                                                                                                                                                                                                                                  		d6vtbcy3ong79.cloudfront.netUnited States
                                                                                                                                                                                                                                                                  		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                  142.251.2.156
                                                                                                                                                                                                                                                                  		stats.g.doubleclick.netUnited States
                                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                  142.251.2.155
                                                                                                                                                                                                                                                                  		googleads.g.doubleclick.netUnited States
                                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                  31.13.70.36
                                                                                                                                                                                                                                                                  		star-mini.c10r.facebook.comIreland
                                                                                                                                                                                                                                                                  		32934FACEBOOKUSfalse
                                                                                                                                                                                                                                                                  52.200.154.95
                                                                                                                                                                                                                                                                  		q.quora.comUnited States
                                                                                                                                                                                                                                                                  		14618AMAZON-AESUSfalse
                                                                                                                                                                                                                                                                  52.85.205.195
                                                                                                                                                                                                                                                                  		dtzbdy9anri2p.cloudfront.netUnited States
                                                                                                                                                                                                                                                                  		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                  104.244.42.131
                                                                                                                                                                                                                                                                  		s.twitter.comUnited States
                                                                                                                                                                                                                                                                  		13414TWITTERUSfalse
                                                                                                                                                                                                                                                                  172.64.155.119
                                                                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                  18.154.206.13
                                                                                                                                                                                                                                                                  		euob.ytwohlcq.telerik.comUnited States
                                                                                                                                                                                                                                                                  		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                  239.255.255.250
                                                                                                                                                                                                                                                                  		unknownReserved
                                                                                                                                                                                                                                                                  		unknownunknownfalse
                                                                                                                                                                                                                                                                  143.244.50.82
                                                                                                                                                                                                                                                                  		bcltest2.b-cdn.netUnited States
                                                                                                                                                                                                                                                                  		174COGENT-174USfalse
                                                                                                                                                                                                                                                                  104.17.25.14
                                                                                                                                                                                                                                                                  		cdnjs.cloudflare.comUnited States
                                                                                                                                                                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                  104.19.177.52
                                                                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                  142.250.141.99
                                                                                                                                                                                                                                                                  		www.google.comUnited States
                                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                  152.195.19.97
                                                                                                                                                                                                                                                                  		sni1gl.wpc.gammacdn.netUnited States
                                                                                                                                                                                                                                                                  		15133EDGECASTUSfalse
                                                                                                                                                                                                                                                                  13.107.213.69
                                                                                                                                                                                                                                                                  		part-0041.t-0009.t-msedge.netUnited States
                                                                                                                                                                                                                                                                  		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                                  3.248.162.96
                                                                                                                                                                                                                                                                  		obseu.ytwohlcq.telerik.comUnited States
                                                                                                                                                                                                                                                                  		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                  104.17.246.203
                                                                                                                                                                                                                                                                  		unpkg.comUnited States
                                                                                                                                                                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                  104.19.178.52
                                                                                                                                                                                                                                                                  		cdn.cookielaw.orgUnited States
                                                                                                                                                                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                  104.244.42.69
                                                                                                                                                                                                                                                                  		t.coUnited States
                                                                                                                                                                                                                                                                  		13414TWITTERUSfalse
                                                                                                                                                                                                                                                                  143.244.50.213
                                                                                                                                                                                                                                                                  		qualdnt.b-cdn.netUnited States
                                                                                                                                                                                                                                                                  		174COGENT-174USfalse
                                                                                                                                                                                                                                                                  13.226.225.31
                                                                                                                                                                                                                                                                  		script.hotjar.comUnited States
                                                                                                                                                                                                                                                                  		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                  31.13.70.7
                                                                                                                                                                                                                                                                  		scontent.xx.fbcdn.netIreland
                                                                                                                                                                                                                                                                  		32934FACEBOOKUSfalse
                                                                                                                                                                                                                                                                  146.75.92.157
                                                                                                                                                                                                                                                                  		platform.twitter.map.fastly.netSweden
                                                                                                                                                                                                                                                                  		30051SCCGOVUSfalse
                                                                                                                                                                                                                                                                  34.245.244.146
                                                                                                                                                                                                                                                                  		prod-dem-collector-elb-611025824.eu-west-1.elb.amazonaws.comUnited States
                                                                                                                                                                                                                                                                  		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                  104.22.54.104
                                                                                                                                                                                                                                                                  		rum-static.pingdom.netUnited States
                                                                                                                                                                                                                                                                  		13335CLOUDFLARENETUSfalse

                                                                                                                                                                                                                                                                  Private

                                                                                                                                                                                                                                                                  IP
                                                                                                                                                                                                                                                                  192.168.2.7

                                                                                                                                                                                                                                                                  General Information

                                                                                                                                                                                                                                                                  Joe Sandbox version:40.0.0 Tourmaline
                                                                                                                                                                                                                                                                  Analysis ID:1430644
                                                                                                                                                                                                                                                                  Start date and time:2024-04-24 01:28:11 +02:00
                                                                                                                                                                                                                                                                  Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                                  Overall analysis duration:0h 10m 21s
                                                                                                                                                                                                                                                                  Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                                  Report type:full
                                                                                                                                                                                                                                                                  Cookbook file name:default.jbs
                                                                                                                                                                                                                                                                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                                  Number of analysed new started processes analysed:82
                                                                                                                                                                                                                                                                  Number of new started drivers analysed:0
                                                                                                                                                                                                                                                                  Number of existing processes analysed:0
                                                                                                                                                                                                                                                                  Number of existing drivers analysed:0
                                                                                                                                                                                                                                                                  Number of injected processes analysed:0
                                                                                                                                                                                                                                                                  Technologies:
                                                                                                                                                                                                                                                                  • HCA enabled
                                                                                                                                                                                                                                                                  • EGA enabled
                                                                                                                                                                                                                                                                  • AMSI enabled
                                                                                                                                                                                                                                                                  Analysis Mode:default
                                                                                                                                                                                                                                                                  Analysis stop reason:Timeout
                                                                                                                                                                                                                                                                  Sample name:SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe
                                                                                                                                                                                                                                                                  Detection:MAL
                                                                                                                                                                                                                                                                  Classification:mal40.troj.evad.winEXE@137/328@120/40
                                                                                                                                                                                                                                                                  EGA Information:
                                                                                                                                                                                                                                                                  • Successful, ratio: 66.7%
                                                                                                                                                                                                                                                                  HCA Information:
                                                                                                                                                                                                                                                                  • Successful, ratio: 100%
                                                                                                                                                                                                                                                                  • Number of executed functions: 100
                                                                                                                                                                                                                                                                  • Number of non-executed functions: 54
                                                                                                                                                                                                                                                                  Cookbook Comments:
                                                                                                                                                                                                                                                                  • Found application associated with file extension: .exe

                                                                                                                                                                                                                                                                  Warnings

                                                                                                                                                                                                                                                                  • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, MoUsoCoreWorker.exe, svchost.exe
                                                                                                                                                                                                                                                                  • Excluded IPs from analysis (whitelisted): 142.251.2.94, 142.251.2.138, 142.251.2.102, 142.251.2.139, 142.251.2.100, 142.251.2.101, 142.251.2.113, 142.251.2.84, 34.104.35.123, 142.251.2.97, 23.64.181.133, 199.232.210.172, 204.79.197.237, 13.107.21.237, 142.250.141.154, 142.250.141.155, 142.250.141.156, 142.250.141.157, 20.125.62.241, 40.76.174.66, 23.62.226.198, 23.62.226.195, 192.229.211.108, 13.107.42.14, 162.159.152.17, 162.159.153.247, 142.250.101.94, 23.220.73.19
                                                                                                                                                                                                                                                                  • Excluded domains from analysis (whitelisted): bat-bing-com.dual-a-0034.a-msedge.net, www.googleadservices.com, slscr.update.microsoft.com, c-msn-com-nsatc.trafficmanager.net, wildcard.en25.com.edgekey.net, clientservices.googleapis.com, time.windows.com, a.quora.com.cdn.cloudflare.net, l-0005.l-msedge.net, clients2.google.com, vmss-clarity-ingest-eus.eastus.cloudapp.azure.com, ocsp.digicert.com, www.googletagmanager.com, sitefinity-insight.ec.azureedge.net, bat.bing.com, update.googleapis.com, azurefd-t-prod.trafficmanager.net, e5763.x.akamaiedge.net, www.google-analytics.com, www-linkedin-com.l-0005.l-msedge.net, clients1.google.com, fs.microsoft.com, accounts.google.com, c-bing-com.dual-a-0034.a-msedge.net, sitefinity-insight.azureedge.net, ctldl.windowsupdate.com, od.linkedin.edgesuite.net, fe3cr.delivery.mp.microsoft.com, edgedl.me.gvt1.com, c.bing.com, dual-a-0034.a-msedge.net, crl3.digicert.com, clients.l.google.com, a1916.dscg2.akamai.net
                                                                                                                                                                                                                                                                  • Execution Graph export aborted for target SetupHelper, PID 7296 because it is empty
                                                                                                                                                                                                                                                                  • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                                                  • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                                  • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                                  • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                                                                                                  • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                                  • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                                                                  • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                                  • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                                                                                                  • VT rate limit hit for: SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe

                                                                                                                                                                                                                                                                  Simulations

                                                                                                                                                                                                                                                                  Behavior and APIs

                                                                                                                                                                                                                                                                  No simulations

                                                                                                                                                                                                                                                                  Joe Sandbox View / Context

                                                                                                                                                                                                                                                                  IPs

                                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                  50.56.19.116https://www.telerik.com/download/fiddlerGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • fiddler2.com/r/?Fiddler2FirstRun
                                                                                                                                                                                                                                                                  18.65.25.57FFE Order details - Cincy v41720.xlsxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                    https://www.surveycake.com/s/N01ryGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      https://click.jipolismall.de/i86/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                        https://new.express.adobe.com/webpage/H1GSRB6Quvi3AGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                          https://in.xero.com/3fOSTuSzDzROVMHgUwoBxlrGcQPUNryKFHKZ5bUO?Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                            http://smtplink.usssa.com/ls/click?upn=WSslNwXrfTzmOiygdbhyJ7rVDJeWlQ-2BpMCY5j9pvVnziMJ3Q-2BTjCI-2Fdn5eFwbZnebr1-2BrkwS9k7rKKw-2FnCdJN8Pakg5qDf1fPmp5CiHNTUre4pQ1mxzdRHLyPWXXrXotWAjo6O6Js6nhLttxTPZ5slM4v9sCcAV2-2BMwuOffvKgaMDXup7g5dDFs1wp4I-2BY6o8cIg42tnGTpcqmmSXHN5T0fbKDv2ErnC378NSUiWUiTzSJkE-2BogYqObLF8hP0-2Fv3pXzPVYaq87z50BVy1ciDmw-3D-3Du37y_RtKn33S6UwcxkEVHV-2Bc41ZFd4-2BrNwfUJ1pyzao2lvtww89l-2B37If09T0Ifp-2FPrDhUPUxOvG4yUcd6YQ4BDkz8fDgLwLLaIuPO2mqqBlXCWUKDaQlwqXaCCmGsJB8Jjn4Rdyol-2BJCxhSQi3ss6-2BIbCU3N8Qmg32tpOG6Jb4xW4jcVPujUG7A0qM-2FRDbpQ9s7mTZbjD-2FVX1FSDIglNDFSDRMhuGq1w-2B-2Fhupcoc2eg5llQSzS5YAYZw3aPAqJJOi067-2BuUaGiF0O3i5y7BDhxylBdaS955jn1QxbjHxIkonj2Ky4ze6TuzhphjdYbAQdd8-2BruzuV-2FS1sZBFt3stqPNlFtF19k6AQKsOMzev9N6jjXcoxiCJ1H6fMrDjwpmrEB85yrMntCFR5H19J2uumaiWLcE0xlFL5QMotL-2FmZ1egjqis9vS0NzAeMiyyQyyoXdWZ3N2YtjUHCjv3NDNAmXxY07sQ8rBvirH9hHzoqLRhh2-2BxiaRH4jhmFoKK1rNnvMJGfhGSBBtPIZZe5hpwj2s-2Fek-2BOCijrNorxQJuGS5uBvmd3y1sTgP5BLfg5LiXMvLdSq-2BtJPL2u1Spo08JC2YN5ZCO4UaWwbb4BcFRBiOvrQqK7x7qtjmVqPpNTQus8RkV7Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                              52.252.156.53https://www.telerik.com/download/fiddlerGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                104.18.32.137https://www.sigtn.com/utils/emt.cfm?client_id=9195153&campaign_id=73466&link=aHR0cHM6Ly9saW5rLm1haWwuYmVlaGlpdi5jb20vbHMvY2xpY2s/dXBuPXUwMDEuejBtZmZPQjFDc0hRa1dFS1BUa2pmNGhNM3k4S1RjcXFzY1h5Ty0yQk5ReDVsc2xZTDljZng5OWJnTk5wUnQyOUFVQkFwdEYwdE1Sb3dBcW0tMkZOQW55a1dsWXNJOU1Jb3NPNVJkLTJCRFplWFVYRGdFanM4NjBvY0dZSDUxRDItMkZKWXNZZlFHVldGaHRRNFYyVzBGT0NGYm9nQ0FORnpjNzdXZ0JTcGUtMkZwdXNzUHBkSXNFTG02bVBSYm5YU1pQZ29kdDJXNU9QMFpfZm1TRy0yRkI0S1JGdHUxTXZ1eTR1bG10c2Y1YTRFZm8tMkZYNE95eEZEZ3NFS2JnYkxnaUtEaUtZNk1iSUdNZXJVM3JXdFI5TUVlUXNiMVR6VzZoSkkzQkxyOXpKOG1WRzlDenlwaHFKeHBXc1pGMk85aEhNLTJGMFlFQ29LV09ELTJGRGpWOXNPdlFybWFFOUFQQ3FYcGJBenpvMGEyenh1T3hOV3pjYmo3NC0yRi0yRlp5SFU2dFdmbER4YUo2aUxzTS0yQnVtYWMyZlVNTTkwYzdtZE9kLTJGRjlkVno3YXl3U2ZDUmNsSHh2cTlCakxmYlM5YnZpRlJJbDBPSlpUSmJRVDFzSjNEbWFzTm45OGdQLTJCcjlIZmNOZktnZ1lXSXZMZi0yQlZlTHRVLTJCNVc0ZGkwaTZ5TnFLZmZjd29qbUpJV0twRmd5RGlBRDRxcUhnQmlCZWVVT0s1UXdUTVhXck9LLTJGZzBVaEZKb01ac3pIbE05cGs0aWJySmc4dHQzZUdWaGZ6T08yT3NvWS0yRktsYlZGdklTT3EzZzd6Um1pTWNVc0NpdHVsRE9ucklqaWlGNFFTRGpUaERidXdpU0xBMUJWWkRqZ3E4NlhsODRzbVZZI3BldGVyQGh1Ym9vLmNvLnVrGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                  https://www.sigtn.com/utils/emt.cfm?client_id=9195153&campaign_id=73466&link=aHR0cHM6Ly9saW5rLm1haWwuYmVlaGlpdi5jb20vbHMvY2xpY2s/dXBuPXUwMDEucklvcWRaR1R1SGJzNzQ0S21jWTQzbm9GN25FNXlXdTZFcUlEQ1JQVW5LVlRsVDF5N0p0RTVORGVVSmxOU254Uk82V2lWVzB6akF4aVNnRXQ4S0dzZUdDb3N4OE9CV0tIQ1VyMmlaRXQ0LTJCM2EtMkZuWXhLOHNYNW1IZ0ZPZFd1VHpnUmNyMHdMYk52c0NadXktMkZiSXRoVDI4bi0yRjdCUy0yQmVINGxDRVExVTQxQU5xSS0zRFhBa0FfdWpTUjJaZ1VvcFZ3R0Y1eWNMcm5nS0Y1andZVnZoMHVzbGExV2Z5ZUs2QXJvYzFDOXFaY3NKZHlBVHNhVnFnZmxkNjlSOE1FQ3J6dHdtVUw5QkliUXRiM1VjUEwxanplbGNyNG1jZGFhdlZNZFE0ejA0ZHFqRC0yRkR4RVlVV1lLM3BjNTBsREpndVd5Z0NZMEZ2LTJGdG9kUkpjSzNjRlYwcDdMYS0yQlh1NjRveEtqVkpFUkV3WGJSekN0dTlZazJBSmgwQVVNeUxiOTVXWlBiTmxOQjlmTXRhbm41aDY2eDByMm5nR2k5QmJkLTJCdWd1Ync2Z092blJheXlKLTJGYXB3eHBSSHpxZHZER21pREhpR09kemxvQVRJQWkxMWR5ZWhpazY3NDRzQ2E3dzl0MWZqU2JvTWpXd1dvdXlVaDJPd0VyLTJCOHJDZTB1VjF6clJDTi0yQjh6Z2R4Y1JibkZ1a3JtNGVJbU5WQUJnSFMtMkZ1S2RrUDdrZkUxUm9PWlVGdWU3bzZkLTJGY3FpMUx2VXVpbW9VbmxzMjRseXRVQzNQdUpiOVlDZ0Zoc29LRlZOMUxvZXloOFFGTERUaEN4VjE5UC0yRmxCWTRpZURUI2NhbmRpY2UuZEBhZGNiLmNvbQ==Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                    https://www.sigtn.com/utils/emt.cfm?client_id=9195153&campaign_id=73466&link=aHR0cHM6Ly9saW5rLm1haWwuYmVlaGlpdi5jb20vbHMvY2xpY2s/dXBuPXUwMDEucklvcWRaR1R1SGJzNzQ0S21jWTQzbm9GN25FNXlXdTZFcUlEQ1JQVW5LVlRsVDF5N0p0RTVORGVVSmxOU254Uk82V2lWVzB6akF4aVNnRXQ4S0dzZUdDb3N4OE9CV0tIQ1VyMmlaRXQ0LTJCM2EtMkZuWXhLOHNYNW1IZ0ZPZFd1VHpnUmNyMHdMYk52c0NadXktMkZiSXRoVDI4bi0yRjdCUy0yQmVINGxDRVExVTQxQU5xSS0zRFhBa0FfdWpTUjJaZ1VvcFZ3R0Y1eWNMcm5nS0Y1andZVnZoMHVzbGExV2Z5ZUs2QXJvYzFDOXFaY3NKZHlBVHNhVnFnZmxkNjlSOE1FQ3J6dHdtVUw5QkliUXRiM1VjUEwxanplbGNyNG1jZGFhdlZNZFE0ejA0ZHFqRC0yRkR4RVlVV1lLM3BjNTBsREpndVd5Z0NZMEZ2LTJGdG9kUkpjSzNjRlYwcDdMYS0yQlh1NjRveEtqVkpFUkV3WGJSekN0dTlZazJBSmgwQVVNeUxiOTVXWlBiTmxOQjlmTXRhbm41aDY2eDByMm5nR2k5QmJkLTJCdWd1Ync2Z092blJheXlKLTJGYXB3eHBSSHpxZHZER21pREhpR09kemxvQVRJQWkxMWR5ZWhpazY3NDRzQ2E3dzl0MWZqU2JvTWpXd1dvdXlVaDJPd0VyLTJCOHJDZTB1VjF6clJDTi0yQjh6Z2R4Y1JibkZ1a3JtNGVJbU5WQUJnSFMtMkZ1S2RrUDdrZkUxUm9PWlVGdWU3bzZkLTJGY3FpMUx2VXVpbW9VbmxzMjRseXRVQzNQdUpiOVlDZ0Zoc29LRlZOMUxvZXloOFFGTERUaEN4VjE5UC0yRmxCWTRpZURUI2NzaGVwcGFyZEBtb29nLmNvbQ==Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      https://www.sigtn.com/utils/emt.cfm?client_id=9195153&campaign_id=73466&link=aHR0cHM6Ly9saW5rLm1haWwuYmVlaGlpdi5jb20vbHMvY2xpY2s/dXBuPXUwMDEucklvcWRaR1R1SGJzNzQ0S21jWTQzbm9GN25FNXlXdTZFcUlEQ1JQVW5LVlRsVDF5N0p0RTVORGVVSmxOU254Uk82V2lWVzB6akF4aVNnRXQ4S0dzZUdDb3N4OE9CV0tIQ1VyMmlaRXQ0LTJCM2EtMkZuWXhLOHNYNW1IZ0ZPZFd1VHpnUmNyMHdMYk52c0NadXktMkZiSXRoVDI4bi0yRjdCUy0yQmVINGxDRVExVTQxQU5xSS0zRFhBa0FfdWpTUjJaZ1VvcFZ3R0Y1eWNMcm5nS0Y1andZVnZoMHVzbGExV2Z5ZUs2QXJvYzFDOXFaY3NKZHlBVHNhVnFnZmxkNjlSOE1FQ3J6dHdtVUw5QkliUXRiM1VjUEwxanplbGNyNG1jZGFhdlZNZFE0ejA0ZHFqRC0yRkR4RVlVV1lLM3BjNTBsREpndVd5Z0NZMEZ2LTJGdG9kUkpjSzNjRlYwcDdMYS0yQlh1NjRveEtqVkpFUkV3WGJSekN0dTlZazJBSmgwQVVNeUxiOTVXWlBiTmxOQjlmTXRhbm41aDY2eDByMm5nR2k5QmJkLTJCdWd1Ync2Z092blJheXlKLTJGYXB3eHBSSHpxZHZER21pREhpR09kemxvQVRJQWkxMWR5ZWhpazY3NDRzQ2E3dzl0MWZqU2JvTWpXd1dvdXlVaDJPd0VyLTJCOHJDZTB1VjF6clJDTi0yQjh6Z2R4Y1JibkZ1a3JtNGVJbU5WQUJnSFMtMkZ1S2RrUDdrZkUxUm9PWlVGdWU3bzZkLTJGY3FpMUx2VXVpbW9VbmxzMjRseXRVQzNQdUpiOVlDZ0Zoc29LRlZOMUxvZXloOFFGTERUaEN4VjE5UC0yRmxCWTRpZURUI2hha2FuLmd1bmR1ekBkaWdpdHVyay5jb20udHI=Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        https://yxv.ens.mybluehost.me/Ca/net/login.phpGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          https://www.sigtn.com/utils/emt.cfm?client_id=9195153&campaign_id=73466&link=aHR0cHM6Ly9saW5rLm1haWwuYmVlaGlpdi5jb20vbHMvY2xpY2s/dXBuPXUwMDEucklvcWRaR1R1SGJzNzQ0S21jWTQzbm9GN25FNXlXdTZFcUlEQ1JQVW5LVlRsVDF5N0p0RTVORGVVSmxOU254Uk82V2lWVzB6akF4aVNnRXQ4S0dzZUdDb3N4OE9CV0tIQ1VyMmlaRXQ0LTJCM2EtMkZuWXhLOHNYNW1IZ0ZPZFd1VHpnUmNyMHdMYk52c0NadXktMkZiSXRoVDI4bi0yRjdCUy0yQmVINGxDRVExVTQxQU5xSS0zRFhBa0FfdWpTUjJaZ1VvcFZ3R0Y1eWNMcm5nS0Y1andZVnZoMHVzbGExV2Z5ZUs2QXJvYzFDOXFaY3NKZHlBVHNhVnFnZmxkNjlSOE1FQ3J6dHdtVUw5QkliUXRiM1VjUEwxanplbGNyNG1jZGFhdlZNZFE0ejA0ZHFqRC0yRkR4RVlVV1lLM3BjNTBsREpndVd5Z0NZMEZ2LTJGdG9kUkpjSzNjRlYwcDdMYS0yQlh1NjRveEtqVkpFUkV3WGJSekN0dTlZazJBSmgwQVVNeUxiOTVXWlBiTmxOQjlmTXRhbm41aDY2eDByMm5nR2k5QmJkLTJCdWd1Ync2Z092blJheXlKLTJGYXB3eHBSSHpxZHZER21pREhpR09kemxvQVRJQWkxMWR5ZWhpazY3NDRzQ2E3dzl0MWZqU2JvTWpXd1dvdXlVaDJPd0VyLTJCOHJDZTB1VjF6clJDTi0yQjh6Z2R4Y1JibkZ1a3JtNGVJbU5WQUJnSFMtMkZ1S2RrUDdrZkUxUm9PWlVGdWU3bzZkLTJGY3FpMUx2VXVpbW9VbmxzMjRseXRVQzNQdUpiOVlDZ0Zoc29LRlZOMUxvZXloOFFGTERUaEN4VjE5UC0yRmxCWTRpZURUI2V4cGVkaXRpbmdAYmVpbi5jb20=Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                            https://www.auton.com.br/rdv/natfa/netfo/app/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                              https://app.esign.docusign.com/e/er?utm_campaign=GBL_XX_DBU_NEW_2307_FreetoTrialUnlock_Email1AU&utm_medium=email&utm_source=Eloqua&elqCampaignId=29542&s=566810826&lid=32871&elqTrackId=1034fb987fd44c9a9a4d0833ff06a55d&elq=89d72859fe264966a0176d4309dbb1a6&elqaid=60251&elqat=1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                http://ranchpools.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                  https://flow.page/resourcepro.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                    52.200.154.95http://www.malwaredomainlist.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                      http://56hytuti5.weebly.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                        https://optout.oracle-zoominfo-notice.com/acton/ct/45126/s-00af-2402/Bct/g-00f2/l-00ec:354715/ct4_0/1/lu?sid=TV2%3A4u31Bv17KGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                          https://windows360help.com/?domain=amateurok.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            50.56.19.112https://www.telerik.com/download/fiddlerGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • www.telerik.com/download/fiddler/first-run

                                                                                                                                                                                                                                                                                                            Domains

                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                            d6vtbcy3ong79.cloudfront.nethttps://www.telerik.com/download/fiddlerGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 143.204.214.44
                                                                                                                                                                                                                                                                                                            sni1gl.wpc.gammacdn.nethttps://t.ly/mV-Qq#M=SmFuLVBldGVyLkhlaXNlQG5vcnRvbnJvc2VmdWxicmlnaHQuY29tGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 152.195.19.97
                                                                                                                                                                                                                                                                                                            https://www.telerik.com/download/fiddlerGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 152.199.21.175
                                                                                                                                                                                                                                                                                                            https://goo.gs/dlrzpGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 152.199.21.175
                                                                                                                                                                                                                                                                                                            https://eccfo1.eu/1f34fac4-2ab4-4dfb-8248-a8cdec56b8f9/bS5iYWtrZXJAYnBkLm5sGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 152.199.21.175
                                                                                                                                                                                                                                                                                                            https://msbizappslaunchevent.eventcore.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 152.199.21.175
                                                                                                                                                                                                                                                                                                            https://click.email2.office.com/?qs=5e98f9ee2681f4c4ac56c1c534c620344add300e27d839a25c3ba32bed101b7d42b4bb5c880b0e72216b5c8c1e98c4204b33c8b94c929bd9aab7074e7938dceaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 152.199.21.175
                                                                                                                                                                                                                                                                                                            http://U6O0IW25pL2043.shaitimkhabar.com####/.U6O0IW25pL.aHR0cHM6Ly9vYmplY3RzdG9yYWdlLnVzLXNhbmpvc2UtMS5vcmFjbGVjbG91ZC5jb20vbi9heDhvNnVpazhxZGkvYi9idWNrZXQtMjAyMjA0MTUtMjA1Ni9vL251bWMuaHRtbCNhcHJpbC52YXNxdWV6QGNmaXNkLm5ldA==Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 152.199.21.175
                                                                                                                                                                                                                                                                                                            http://k5bvuzjdn46149.shaitimkhabar.com/####/.K5BVUZJDN4.aHR0cHM6Ly9vYmplY3RzdG9yYWdlLnVzLXNhbmpvc2UtMS5vcmFjbGVjbG91ZC5jb20vbi9heDhvNnVpazhxZGkvYi9idWNrZXQtMjAyMjA0MTUtMjA1Ni9vL251bWMuaHRtbCNqb2huLmh1cmxleUBhdmFub3MuY29tGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 152.199.21.175
                                                                                                                                                                                                                                                                                                            http://www.selectscience.net/go/?itemID=79&itemTypeID=4&linkID=ctabutton&mailID=18205&email=towerfcu.org&URL=http://4hw37.jedz.co.za#/.#.aHR0cHM6Ly9yaXNpbXNncm91cC5jb20vcmVkL3Rvd2VyZmN1Lm9yZy9rYXJlbi5tYWd1aXJlQHRvd2VyZmN1Lm9yZw==Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 152.199.21.175
                                                                                                                                                                                                                                                                                                            https://mas55.000webhostapp.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 152.199.21.175
                                                                                                                                                                                                                                                                                                            platform.twitter.map.fastly.nethttps://www.3rujia.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 146.75.92.157
                                                                                                                                                                                                                                                                                                            http://divbracket.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 146.75.40.157
                                                                                                                                                                                                                                                                                                            _file____C__Users_hp_Downloads_C__Users_moodyt_AppData_Local_Temp_2_RemittanceAdvice17-Apr-2024.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.20.157
                                                                                                                                                                                                                                                                                                            Remittance. #U0440df.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.20.157
                                                                                                                                                                                                                                                                                                            https://5gpzyf.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.20.157
                                                                                                                                                                                                                                                                                                            https://hysbzybllsyxgsn9a.szwlu.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.12.157
                                                                                                                                                                                                                                                                                                            https://fjx20240202.j4ruse.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.20.157
                                                                                                                                                                                                                                                                                                            https://in.xero.com/m/g4EjeZDud5lCeLiKvMaATTgixUJedYwIXI96osSo?utm_source=invoiceEmailViewInvoiceButton&utm_campaign=invoicesEmailStandardV2Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.20.157
                                                                                                                                                                                                                                                                                                            https://6utryo.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 146.75.40.157
                                                                                                                                                                                                                                                                                                            https://baotenlink.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.12.157
                                                                                                                                                                                                                                                                                                            p01f.t.eloqua.comhttps://www.telerik.com/download/fiddlerGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 142.0.173.26
                                                                                                                                                                                                                                                                                                            privacyportal.onetrust.comhttps://yxv.ens.mybluehost.me/Ca/net/login.phpGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 172.64.155.119
                                                                                                                                                                                                                                                                                                            http://cf-ipfs.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 104.18.32.137
                                                                                                                                                                                                                                                                                                            https://sociallinks.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZzb2NpYWxsaW5rcy5pbyUyRm9zaW50LXdlYmluYXJzJTJGd2ViaW5hci1lbmhhbmNpbmctYW1sLWludmVzdGlnYXRpb25zLXdpdGgtb3NpbnQlM0Z1dG1fc291cmNlJTNEZW1haWwlMjZ1dG1fbWVkaXVtJTNEd2ViaW5hciUyNnV0bV9jYW1wYWlnbiUzRGFtbF8wNF8yNA==&sig=bEXSTLMngghhoUjnhUiGrKrf6GsWGU1eAwJ54z8GbBH&iat=1712921684&a=%7C%7C612077526%7C%7C&account=sociallinks%2Eactivehosted%2Ecom&email=I4809riumLU7t4jf%2BoK9uHOsQeuYYw6CYkuCsQDv%3AFRtI69CZolNJDOUhiGMO%2BO9bqaecpEWw&s=f7847248dd0f6e35d5eb6514571a7081&i=993A1018A3A5488Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 172.64.155.119
                                                                                                                                                                                                                                                                                                            https://sociallinks.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZzb2NpYWxsaW5rcy5pbyUyRm9zaW50LXdlYmluYXJzJTJGd2ViaW5hci1lbmhhbmNpbmctYW1sLWludmVzdGlnYXRpb25zLXdpdGgtb3NpbnQlM0Z1dG1fc291cmNlJTNEZW1haWwlMjZ1dG1fbWVkaXVtJTNEd2ViaW5hciUyNnV0bV9jYW1wYWlnbiUzRGFtbF8wNF8yNA==&sig=bEXSTLMngghhoUjnhUiGrKrf6GsWGU1eAwJ54z8GbBH&iat=1712921684&a=%7C%7C612077526%7C%7C&account=sociallinks%2Eactivehosted%2Ecom&email=I4809riumLU7t4jf%2BoK9uHOsQeuYYw6CYkuCsQDv%3AFRtI69CZolNJDOUhiGMO%2BO9bqaecpEWw&s=f7847248dd0f6e35d5eb6514571a7081&i=993A1018A3A5488Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 104.18.32.137
                                                                                                                                                                                                                                                                                                            https://sociallinks.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZzb2NpYWxsaW5rcy5pbyUyRm9zaW50LXdlYmluYXJzJTJGd2ViaW5hci1lbmhhbmNpbmctYW1sLWludmVzdGlnYXRpb25zLXdpdGgtb3NpbnQlM0Z1dG1fc291cmNlJTNEZW1haWwlMjZ1dG1fbWVkaXVtJTNEd2ViaW5hciUyNnV0bV9jYW1wYWlnbiUzRGFtbF8wNF8yNA==&sig=bEXSTLMngghhoUjnhUiGrKrf6GsWGU1eAwJ54z8GbBH&iat=1712921684&a=%7C%7C612077526%7C%7C&account=sociallinks%2Eactivehosted%2Ecom&email=I4809riumLU7t4jf%2BoK9uHOsQeuYYw6CYkuCsQDv%3AFRtI69CZolNJDOUhiGMO%2BO9bqaecpEWw&s=f7847248dd0f6e35d5eb6514571a7081&i=993A1018A3A5488Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 104.18.32.137
                                                                                                                                                                                                                                                                                                            http://cf-ipfs.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 172.64.155.119
                                                                                                                                                                                                                                                                                                            https://hp.com@7a4934b5.75f9cba4c4b98762485a1fd9.workers.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 104.18.32.137
                                                                                                                                                                                                                                                                                                            https://wechatunsuscribe.secure.force.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 172.64.155.119
                                                                                                                                                                                                                                                                                                            https://aragov.my.salesforce.com/00Q8y000002D31xGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 104.18.32.137
                                                                                                                                                                                                                                                                                                            https://falcon.us-2.crowdstrike.com/search/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 172.64.155.119

                                                                                                                                                                                                                                                                                                            ASNs

                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                            ORACLE-BMC-31898USRemittance. #U0440df.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 193.122.130.38
                                                                                                                                                                                                                                                                                                            ATTHACHED SCAN-P.O SPECIFICATIONS.009.24. 001.docGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                                                            • 193.122.6.168
                                                                                                                                                                                                                                                                                                            pGTQLD9ukH.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                            • 193.122.239.120
                                                                                                                                                                                                                                                                                                            pJNcZyhUh8.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                            • 193.122.239.110
                                                                                                                                                                                                                                                                                                            g2PqnVy6cQ.elfGet hashmaliciousMirai, OkiruBrowse
                                                                                                                                                                                                                                                                                                            • 144.25.156.10
                                                                                                                                                                                                                                                                                                            b3astmode.x86.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 168.138.235.164
                                                                                                                                                                                                                                                                                                            order.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 158.101.44.242
                                                                                                                                                                                                                                                                                                            KSRRrEMt1w.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                            • 147.154.227.149
                                                                                                                                                                                                                                                                                                            4QuhksnsA6.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 130.61.64.122
                                                                                                                                                                                                                                                                                                            https://app.esign.docusign.com/e/er?utm_campaign=GBL_XX_DBU_NEW_2307_FreetoTrialUnlock_Email1AU&utm_medium=email&utm_source=Eloqua&elqCampaignId=29542&s=566810826&lid=32871&elqTrackId=1034fb987fd44c9a9a4d0833ff06a55d&elq=89d72859fe264966a0176d4309dbb1a6&elqaid=60251&elqat=1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 192.29.14.118
                                                                                                                                                                                                                                                                                                            AMAZON-AESUSKxgGGaiW3E.exeGet hashmaliciousQuasarBrowse
                                                                                                                                                                                                                                                                                                            • 34.195.193.219
                                                                                                                                                                                                                                                                                                            https://lithiuimvalley.com/ssdGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 34.234.52.18
                                                                                                                                                                                                                                                                                                            http://divbracket.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 54.144.144.142
                                                                                                                                                                                                                                                                                                            https://acrobat.adobe.com/id/urn:aaid:sc:AP:c47bd847-0028-43f6-8564-6c8445af0eccGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 52.71.63.232
                                                                                                                                                                                                                                                                                                            _file____C__Users_hp_Downloads_C__Users_moodyt_AppData_Local_Temp_2_RemittanceAdvice17-Apr-2024.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 34.204.127.115
                                                                                                                                                                                                                                                                                                            Remittance. #U0440df.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 23.23.219.186
                                                                                                                                                                                                                                                                                                            http://geoguesser.com/seterra/en-an/vpg/3811?C=K44CTGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 23.20.165.17
                                                                                                                                                                                                                                                                                                            23xCOZerXg.exeGet hashmaliciousPureLog Stealer, Xmrig, zgRATBrowse
                                                                                                                                                                                                                                                                                                            • 54.209.244.119
                                                                                                                                                                                                                                                                                                            https://go-g3t-msg.com/clk/a_OsB_gBHRWO62vTWAvzpOfGhlvCmgnqQuB_nVFpwp0KsQNH4MVSSKRIuzJYdR_BaVVJ5ZUVsLA7nr4fsUb6_LUiF6WGpw3bjwuz5vIgSMwTtrE34sfAdm_UkarEQxhut5pfRW1RXCEHttsR2H4S_hK5eTdM2QP7CpynnqXHAbBrQcsZM-9kqSh5d_nLiZhEZPZ8-fFHjtAo-IjMx8qNxpwUaG3dVXhIP_Sup8raijFjXrg2qZL33tH_5PvkpDXJwZtdK-fqRvdTEjPP1v26xG4zHKIduU5irbL6N1Be1W_4vpi6D3s8twjJ8VAELgUZErAiigzfRVU0knOdQpcprkwW48npT3pYYpFqQU_lE9JBwESVd70JOVQuZWj_0cT7YVVRRta1y8F8vjFBDtNL73BXlqjP5sWlGZtuOnQDJ-iEKMXGy1W4uSrGBn5j07qBR3I1glqsVkAz7msz4iUFsVZ76hS_yvRcDNZBMYnXgKJRgA1A2nVJ9rwv5a55G82GhCYmOQvkUs0eG7vFHjr8gNQtxUn0q5LeVhTPJbym_uRj-gxiLJDjsLnSJXJ4eGtDvxVqhkaqM2P03jYs6BzR_fyd4ak2ZNKBm4FiGWKP44e6keEO2eNlfhZPBYG9OMlI3UM7jaU5YayqoO3ZGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 54.157.24.8
                                                                                                                                                                                                                                                                                                            SOA.pdf.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                            • 44.219.53.183
                                                                                                                                                                                                                                                                                                            MIT-GATEWAYSUShttps://condoresorts.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 18.65.25.116
                                                                                                                                                                                                                                                                                                            https://lithiuimvalley.com/ssdGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 18.164.78.86
                                                                                                                                                                                                                                                                                                            https://www.canva.com/design/DAGDQX9C1RA/ikoShuUWpLZHCz9c3cYitg/view?utm_content=DAGDQX9C1RA&utm_campaign=designshare&utm_medium=link&utm_source=editor__;!!CyJlM5U!9gbXWj2ch6yN1Y5XKwfOUHQShQIbTlzYRSO4Um3mFsV2g5g0oW-nJ8MZWZtDhmirJBaPx4ZvIj53wB9NG9AkzdEZQzUOutWiQQ$Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 18.164.78.88
                                                                                                                                                                                                                                                                                                            http://browser-intake-foxbusiness.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 18.160.64.182
                                                                                                                                                                                                                                                                                                            _file____C__Users_hp_Downloads_C__Users_moodyt_AppData_Local_Temp_2_RemittanceAdvice17-Apr-2024.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 18.119.20.139
                                                                                                                                                                                                                                                                                                            Remittance. #U0440df.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 18.160.46.91
                                                                                                                                                                                                                                                                                                            http://geoguesser.com/seterra/en-an/vpg/3811?C=K44CTGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 18.160.18.111
                                                                                                                                                                                                                                                                                                            https://www.msn.com/en-us/autos/enthusiasts/what-s-the-difference-between-a-shelby-mustang-and-a-regular-mustang/ar-AA1ntM5Z?ocid=entnewsntp&pc=U531&cvid=8b8aa9e3e14d4164a6a2181020104694&ei=36Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 18.64.155.37
                                                                                                                                                                                                                                                                                                            oVOImRIAaz.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                            • 19.2.62.148
                                                                                                                                                                                                                                                                                                            NMdpQecbkg.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                            • 18.16.189.252
                                                                                                                                                                                                                                                                                                            MICROSOFT-CORP-MSN-AS-BLOCKUShttps://wmicrosouab-4ba8.udydzj.workers.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 13.107.213.69
                                                                                                                                                                                                                                                                                                            https://uqgekpc20qn1.azureedge.net/6466/Get hashmaliciousTechSupportScamBrowse
                                                                                                                                                                                                                                                                                                            • 13.107.213.69
                                                                                                                                                                                                                                                                                                            https://netorg442802-my.sharepoint.com/:b:/g/personal/darek_daronto_com/EeXtnEaZ3XJBqGk13it6odUB-K9vuYAC7zp7SfyciZ3BpQ?e=nkKu2wGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 13.89.178.26
                                                                                                                                                                                                                                                                                                            https://netorg442802-my.sharepoint.com/:b:/g/personal/darek_daronto_com/EeXtnEaZ3XJBqGk13it6odUB-K9vuYAC7zp7SfyciZ3BpQ?e=nkKu2wGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 13.107.136.10
                                                                                                                                                                                                                                                                                                            https://condoresorts.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 13.107.246.69
                                                                                                                                                                                                                                                                                                            https://u44058082.ct.sendgrid.net/ls/click?upn=u001.wjMLvmoK1OC9dTKy5UL4VbqcIJmZWkGKJypB0ZF6j6rXk8HVnxe0g2af-2BenroUoONz6EEWthgE-2Bi2vVRUosKTZRVQ5v63hCdxrdKCztVooIv51imK8tr-2Bb3beAsH6u-2FNluJlUKmd7nST-2B9m-2Bl2Rgv4y6uHLimO0TjhZzZ-2F-2BDlllJQne3tT99z6x4W12pJpddTL-2BoJ2-2Bdo6961pFN3dV2Rg-3D-3DeWGT_h-2FW4DSvZGhKY-2FmU3Rq-2F3L-2FXo2OZSHdaVvlpgAgHQWDXPYB9CNYi-2FcvonFCbsEhjt9RP-2BQa7dTwbMJOOaP3JRnMW6mQAitl6qAb1EkaAR-2BmnZDE6Bi3ooqtCrrMW-2F3TPNMK3AVi1YKIdTOZivmUJGaXdrtbqCykfnTTkN9KMRy80rdRqf6LWUCYWGeeaXb-2BD6jokMbr-2FaJKvKMHDNWAfHyhaE6QO9pw7souFUseKb40g-3DGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 52.96.189.2
                                                                                                                                                                                                                                                                                                            zlONcFaXkc.exeGet hashmaliciousPureLog Stealer, Xmrig, zgRATBrowse
                                                                                                                                                                                                                                                                                                            • 23.101.168.44
                                                                                                                                                                                                                                                                                                            KxgGGaiW3E.exeGet hashmaliciousQuasarBrowse
                                                                                                                                                                                                                                                                                                            • 13.107.213.41
                                                                                                                                                                                                                                                                                                            EXTERNAL Bonnie St Dryden is inviting you to collaborate on One_docx(Apr 23) DOC3848493.msgGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 40.126.32.136
                                                                                                                                                                                                                                                                                                            https://forms.osi.office365.us/r/sWNQn6JMmpGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 52.127.240.61

                                                                                                                                                                                                                                                                                                            JA3 Fingerprints

                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                            28a2c9bd18a11de089ef85a160da29e4https://wmicrosouab-4ba8.udydzj.workers.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 52.165.165.26
                                                                                                                                                                                                                                                                                                            • 23.1.102.27
                                                                                                                                                                                                                                                                                                            https://uqgekpc20qn1.azureedge.net/6466/Get hashmaliciousTechSupportScamBrowse
                                                                                                                                                                                                                                                                                                            • 52.165.165.26
                                                                                                                                                                                                                                                                                                            • 23.1.102.27
                                                                                                                                                                                                                                                                                                            https://www.3rujia.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 52.165.165.26
                                                                                                                                                                                                                                                                                                            • 23.1.102.27
                                                                                                                                                                                                                                                                                                            https://windowdefalerts-error0x21916-alert-virus-detected.pages.dev/Get hashmaliciousHTMLPhisher, TechSupportScamBrowse
                                                                                                                                                                                                                                                                                                            • 52.165.165.26
                                                                                                                                                                                                                                                                                                            • 23.1.102.27
                                                                                                                                                                                                                                                                                                            https://windowdefalerts-error0x21915-alert-virus-detected.pages.dev/Get hashmaliciousHTMLPhisher, TechSupportScamBrowse
                                                                                                                                                                                                                                                                                                            • 52.165.165.26
                                                                                                                                                                                                                                                                                                            • 23.1.102.27
                                                                                                                                                                                                                                                                                                            https://storage.googleapis.com/sjajsskdkasdk0038.appspot.com/65743.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 52.165.165.26
                                                                                                                                                                                                                                                                                                            • 23.1.102.27
                                                                                                                                                                                                                                                                                                            https://auhsdbfjabsdfjs.z13.web.core.windows.net/Er0Win8helpline76/index.htmlGet hashmaliciousTechSupportScamBrowse
                                                                                                                                                                                                                                                                                                            • 52.165.165.26
                                                                                                                                                                                                                                                                                                            • 23.1.102.27
                                                                                                                                                                                                                                                                                                            https://magnisteel.lk/4765445b-32c6-49b0-83e6-1d93765276ca.phpGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 52.165.165.26
                                                                                                                                                                                                                                                                                                            • 23.1.102.27
                                                                                                                                                                                                                                                                                                            https://netorg442802-my.sharepoint.com/:b:/g/personal/darek_daronto_com/EeXtnEaZ3XJBqGk13it6odUB-K9vuYAC7zp7SfyciZ3BpQ?e=nkKu2wGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 52.165.165.26
                                                                                                                                                                                                                                                                                                            • 23.1.102.27
                                                                                                                                                                                                                                                                                                            https://saranah.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 52.165.165.26
                                                                                                                                                                                                                                                                                                            • 23.1.102.27

                                                                                                                                                                                                                                                                                                            Dropped Files

                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Programs\Fiddler\Analytics.dllhttps://www.telerik.com/download/fiddlerGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Programs\Fiddler\DotNetZip.dllhttps://www.telerik.com/download/fiddlerGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                Vialab3Setup_Update_v03.01.00.00.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  Vialab3Setup_Full_v03.01.00.00.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    5BM16m7cDP.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Programs\Fiddler\Be.Windows.Forms.HexBox.dllUpdate_browser_17.645327.jsGet hashmaliciousNetSupport RATBrowse
                                                                                                                                                                                                                                                                                                                        Update_browser_17.645329.jsGet hashmaliciousNetSupport RATBrowse
                                                                                                                                                                                                                                                                                                                          Update_browser_17.6436.jsGet hashmaliciousNetSupport RATBrowse
                                                                                                                                                                                                                                                                                                                            Update_browser_17.645330.jsGet hashmaliciousNetSupport RATBrowse
                                                                                                                                                                                                                                                                                                                              Update_browser_17.645328.jsGet hashmaliciousNetSupport RATBrowse
                                                                                                                                                                                                                                                                                                                                https://www.telerik.com/download/fiddlerGet hashmaliciousUnknownBrowse

                                                                                                                                                                                                                                                                                                                                  Created / dropped Files

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SetupHelper.log

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper
                                                                                                                                                                                                                                                                                                                                  File Type:CSV text
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):425
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.353683843266035
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:ML9E4KlKDE4KhKiKhk
                                                                                                                                                                                                                                                                                                                                  MD5:859802284B12C59DDBB85B0AC64C08F0
                                                                                                                                                                                                                                                                                                                                  SHA1:4FDDEFC6DB9645057FEB3322BE98EF10D6A593EE
                                                                                                                                                                                                                                                                                                                                  SHA-256:FB234B6DAB715ADABB23E450DADCDBCDDFF78A054BAF19B5CE7A9B4206B7492B
                                                                                                                                                                                                                                                                                                                                  SHA-512:8A371F671B962AE8AE0F58421A13E80F645FF0A9888462C1529B77289098A0EA4D6A9E2E07ABD4F96460FCC32AA87B0581CA4D747E77E69C3620BF1368BA9A67
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Analytics.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):33224
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.525851583552875
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:gpeCB0nVQ/EMq7+Zi9nQwnHgfLtVUEoBXejF6XFlnwnYPLYyTcGq1y2h33XcQ7:/U0VQMMrZi9QiHWtVxOFxwxGqXR7
                                                                                                                                                                                                                                                                                                                                  MD5:1C2BD080B0E972A3EE1579895EA17B42
                                                                                                                                                                                                                                                                                                                                  SHA1:A09454BC976B4AF549A6347618F846D4C93B769B
                                                                                                                                                                                                                                                                                                                                  SHA-256:166E1A6CF86B254525A03D1510FE76DA574F977C012064DF39DD6F4AF72A4B29
                                                                                                                                                                                                                                                                                                                                  SHA-512:946E56D543A6D00674D8FA17ECD9589CBA3211CFA52C978E0C9DAB0FA45CDFC7787245D14308F5692BD99D621C0CACA3C546259FCFA725FFF9171B144514B6E0
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                  • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...4.+[.........." ..0..F...........e... ........... ....................................`..................................d..O....................N...3.......... d............................................... ............... ..H............text....E... ...F.................. ..`.rsrc................H..............@..@.reloc...............L..............@..B.................d......H............4...................c.......................................0..)........{.........(....t......|......(...+...3.*....0..)........{.........(....t......|......(...+...3.*J.(.....s....}....*.0...........{......,....o......&..*.................0..S........{....,..H..}.....,9.{....o.....+..o.....o.....o....-....,..o......~....o......&..*....... ..8..........OO.......0..S........{....-..H..}.....{....o.....+..o......u....,..u....o.....o....-....,..o.......&..*.........

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Analytics.pdb

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MSVC program database ver 7.00, 512*95 bytes
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):48640
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.4063107578330305
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:IzCZdxQVINRdRoNFAYAz3GclBLEKiuNCFJkOLxYbs63N:fxz3oNqbTLUnjpLxY
                                                                                                                                                                                                                                                                                                                                  MD5:F84FB6CD84B5D07E3DE4D78D38F388FF
                                                                                                                                                                                                                                                                                                                                  SHA1:0B31F09EEB1AF0681614C2F9F90D98B541DF580F
                                                                                                                                                                                                                                                                                                                                  SHA-256:03CA5A20D36BBC0AEA28AA3184D65B322CECC3080D55A975CDF0F5D31199829D
                                                                                                                                                                                                                                                                                                                                  SHA-512:03FA13B39D4FAE8BC83B4F37CF24AAFC8C4A12A5DB0462968AE6A0C96232D727DF9264D190FF641115921E350A1981AD518A4740C20E54C433B2F2065522AD52
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Microsoft C/C++ MSF 7.00...DS..........._...........[...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\App.ico

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MS Windows icon resource - 8 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):25517
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.599286303451927
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:iYgTDEuowwuwwwwowwwwwwIwwwwwwwwOwwwwwwwwwwIwwwwwwwwwwwwowwwwwwws:iYKowwuwwwwowwwwwwIwwwwwwwwOwww8
                                                                                                                                                                                                                                                                                                                                  MD5:2D49CDB07BAAD04A2BC9F50547783C6A
                                                                                                                                                                                                                                                                                                                                  SHA1:604BAC84FD8AE87BBE9DC9A7C6503CB3A4014839
                                                                                                                                                                                                                                                                                                                                  SHA-256:FBE4D11CA28371BF36D48378A9E1DA29DCE0EFC373FF4E092E47B656505FC4C4
                                                                                                                                                                                                                                                                                                                                  SHA-512:CDEDF711EAD1C551D33050DB4C9502E09F50534904B1ABFCE72AAF64846A9032886BDB19F31AF30C1E1A46303CD147091E4ECF244486934D8B3B7F3B7B25521D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:...... ......................h............. .........00.... ..%...... .... .....]>........ ......O........ ......X........ .h...E_..(... ...@...................................9. .:.!.@.'.B.*.C.,.D.,.I.1.K.4.L.6.Y.D.^.J.a.M.k.Y.k.].s.a.p.f...r...v...x.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Be.Windows.Forms.HexBox.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):61816
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.170522177953126
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:/KS4Z+5ZUOxinOGm7kF5Gw5qQ0DaK/nbL0LolKo4I/AhYe:T4ZkiHOGT0Dpf08Bve
                                                                                                                                                                                                                                                                                                                                  MD5:E6F7B8C5EC4D1543EAA7F5D148C6327C
                                                                                                                                                                                                                                                                                                                                  SHA1:61A5BF82B4F7DA4040F76E7AEC4B4B5FE0C544EC
                                                                                                                                                                                                                                                                                                                                  SHA-256:BBFD21490A4BE96E1A44A92E39406E87978AEA1FC58B603702E4E21A143DD89E
                                                                                                                                                                                                                                                                                                                                  SHA-512:6F4516677937F6D58D250F7B6A50F3815691F84AC17E455DD09DC6D4ECC215A8A8EA000706885C858708603223661908067ED36C037766A52D15F2EB33AF1FC4
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                  • Filename: Update_browser_17.645327.js, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                  • Filename: Update_browser_17.645329.js, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                  • Filename: Update_browser_17.6436.js, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                  • Filename: Update_browser_17.645330.js, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                  • Filename: Update_browser_17.645328.js, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                  • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...0..T...........!..................... ........... ....................... ......9.....@.....................................O.......................x3........................................................... ............... ..H............text...4.... ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................H.......Ho...e...........n................................................(....*:.(......(....*..(....*..0..&........(......i........}.......{......(....*Z.{....-.......*.{....*v..}.....{....,..{......o....*Z.{....,..{......o....*..{....*"..}....*..0..)........{.........(....t......|......(...+...3.*....0..)........{.........(....t......|......(...+...3.*....0..)........{.........(....t......|......(...+...3.*....0..)........{.........(....t......|......(...+...3.**.{......*

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Countdown.wav

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1406
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.5924009631413472
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:MREwW732ltVOelT71qf4lhk7F5JU1OGuNE0EsHsktLhZv:QEH32l+elTy4lh2F5q9u9hhZv
                                                                                                                                                                                                                                                                                                                                  MD5:3241067E4D532F5FEB4AD907076946B0
                                                                                                                                                                                                                                                                                                                                  SHA1:9130FEFCAA638B7128C09EA12EE81A4D3A8AA720
                                                                                                                                                                                                                                                                                                                                  SHA-256:E10937BD9491CC7944C8C5904FAA3ECD971B329438CC1E5FE606CE731DC15DBC
                                                                                                                                                                                                                                                                                                                                  SHA-512:D9F189C89242594F9FD89C353037F2822B7869639C30984C424F7C45AD2F5135808EBCB776A6D7730F479147A3CCC9F33C246E33B7C1CCAA140B72DB93219600
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:RIFFv...WAVEfmt ........"V..D.......dataR...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\DotNetZip.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):460288
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.811814812043012
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:WuCIjULqwIvFC/scNRmglrCYc9vnIJtrGtSV41kJDsTDDfiSLe6XOxLV/f:kDLZrPtLWn7S4csHiSe6+ff
                                                                                                                                                                                                                                                                                                                                  MD5:11BBDF80D756B3A877AF483195C60619
                                                                                                                                                                                                                                                                                                                                  SHA1:99ACA4F325D559487ABC51B0D2EBD4DCA62C9462
                                                                                                                                                                                                                                                                                                                                  SHA-256:698E4BEEBA26363E632CBBB833FC8000CF85AB5449627BF0EDC8203F05A64FA1
                                                                                                                                                                                                                                                                                                                                  SHA-512:AD9C16481F95C0E7CF5158D4E921CA7534F580310270FA476E9EBD15D37EEE2AB43E11C12D08846EAE153F0B43FBA89590D60CA00551F5096076D3CF6AA4CE29
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                  • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                  • Filename: Vialab3Setup_Update_v03.01.00.00.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                  • Filename: Vialab3Setup_Full_v03.01.00.00.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                  • Filename: 5BM16m7cDP.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....U._.........." ..0.............*.... ... ....... .......................`............@.....................................O.... .......................@....................................................... ............... ..H............text...P.... ...................... ..`.rsrc........ ......................@..@.reloc.......@......................@..B........................H...........H...........@..../.. .........................................{....*"..}....*.*..(....*..0..F.......s....%r...po ....{.........(<...o ...r...po ....|....(!...o ...&o"...*...0...........s#......o$...(....*.0.............{......E............,.......8...D...+Q..{..........+M..{.......+A..{..........+2..{.......+&..{.......+...{..........+.r...ps%...z.*6..om...(....*..(....*....0..a.......s....%.|..........o"...o ...r...po ....{.........(<...o ...r...po ....|....r#..p

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\EnableLoopback.exe

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):84304
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.63995404911535
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:JyEI16zcI2eTcvE+m/ljPb0O7/Al25znrSh7A+g4CqnZ86qmmlk8x3Oqxf1mlZxd:K1H50wOLFzrSh7QwZhxmlk8xDfInfZ
                                                                                                                                                                                                                                                                                                                                  MD5:EA240C9D733AD54A79FAACA19BA8D376
                                                                                                                                                                                                                                                                                                                                  SHA1:2C1D1B3AA6AEC6E6E7AF7F64637029971A37BA77
                                                                                                                                                                                                                                                                                                                                  SHA-256:2C2AA55AB99B5A34EB78DED93E46C4D5FEF44077847281E124473C20DE5CF165
                                                                                                                                                                                                                                                                                                                                  SHA-512:D3815BF7B5AF7AA5DBF717F404BDAC9538ADEAFF57CF6EC38C3724D7179FB1F31231009941A671BDD15516E47FF346AFA8738BC399C4E57CB840DEF6821F6464
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.........."...0......R........... ........@.. ....................................`.....................................O........O...........&..P#...`......l................................................ ............... ..H............text........ ...................... ..`.rsrc....O.......P..................@..@.reloc.......`.......$..............@..B........................H........G...^......L.......XK............................................(....*.0..A........(....-..r...po....-..* ....s........o....~....([.....-..o....*.*"..(V...*"..(Y...*"..(Z...*2......(W...*..(X...*..{....,..{.....i./.r...p*r...p.{....(....*..{....*"..}....*..{....*B.{....%-.&r...p*...{....(....,..{....o....*r=..p*..{....o...../.rU..p*r...p.{....(....*B.{....%-.&rq..p*B.{....%-.&r...p*B.{....%-.&r...p*.0...........s....}.....~....}.....(......}......}.....r...p}.....r.

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\EnableLoopback.pdb

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MSVC program database ver 7.00, 512*115 bytes
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):58880
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.630751643410456
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:zzpRU3Zxj/OxldA65YvwKGuctURhEbizN3S:z1ld/+YlUtR
                                                                                                                                                                                                                                                                                                                                  MD5:22A83ABA340724D13BA13458AD1C31B0
                                                                                                                                                                                                                                                                                                                                  SHA1:C9F4EC49E890C8DE47EB53F4CF236C9DC873ADB9
                                                                                                                                                                                                                                                                                                                                  SHA-256:B589566F171B807363F0B35DBAB30968B1CF529DAEE8742C36713439E03AD114
                                                                                                                                                                                                                                                                                                                                  SHA-512:B50F1C32224F22CA4C05DFEFF43D49C69910D17F6997CA97910F153BF00DB0A031AA83B3D6F311DFC96E946DC1C82B866D73B6CDF7F7CDCD8C2A488BB93605FC
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Microsoft C/C++ MSF 7.00...DS...........s...0.......r...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ExecAction.exe

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):19832
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.657885201327926
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:ZsCrRJUlWDSnYe+PjPxucwwSoDvucwwfih5H0JOqxEV1a//bZ28WhTEn:GGOZnYPLxoAjo4S+JNY1cAhhY
                                                                                                                                                                                                                                                                                                                                  MD5:519310853C0EE273A3F8787D7518DD2E
                                                                                                                                                                                                                                                                                                                                  SHA1:22C4E25C4C4C2B5654D05CD6A1E737C6BCB588D8
                                                                                                                                                                                                                                                                                                                                  SHA-256:A23C852D3ED4148044708925E56E17246CDB88D6ECAAA375503FA1F915BA1272
                                                                                                                                                                                                                                                                                                                                  SHA-512:30E51202416AB2D0BAC9CD294D08C12D7973E75696283B1823C6442033698F85075D14DCD79FB1F56886F4491981B1E278D3A506E5E458A1EEE6BB372D5E683D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...*D.S............................>-... ...@....@.. ....................................@..................................,..K....@.. ...............x3...`......h,............................................... ............... ..H............text...D.... ...................... ..`.rsrc... ....@......................@..@.reloc.......`......................@..B................ -......H........ ...............................................................0............i...r...p(.....*.rT..p(.....~.....(....,.r...p(.....*.......... ....(....}.........}......(......{....o.....i}......J~......(....&.*..BSJB............v4.0.30319......l.......#~..$.......#Strings............#US.........#GUID...........#Blob...........W.........%3............................................................................K.D...R.D...............".....A.....Z.....s.............

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):3666248
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.118988021715908
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:49152:0Ms91NvXsJm+5Tti9og1fcaufet3YG5kCTnEsRH0jgB3:RsfNvXsJm+5TtiTMfeJnEsRHAgt
                                                                                                                                                                                                                                                                                                                                  MD5:32CF2E7C6AE825D5F7CB2A7D39C2EE24
                                                                                                                                                                                                                                                                                                                                  SHA1:262176D879E7727375025CAE4AAFC90698ADAD26
                                                                                                                                                                                                                                                                                                                                  SHA-256:D7EA71114BFE70383C1AC2BE6DD19676805A0AFB6E20C0AD3000018AFAD093E5
                                                                                                                                                                                                                                                                                                                                  SHA-512:A72E70F1A11D4443AEDC56A2453CB3ED05BD8106B0E906364F23F01098A378440D2D86AC15F6D98CEEDFE18B0A60D80F6806300B390C2969C3DE97CB380B82C2
                                                                                                                                                                                                                                                                                                                                  Malicious:true
                                                                                                                                                                                                                                                                                                                                  Yara Hits:
                                                                                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_zgRAT_1, Description: Yara detected zgRAT, Source: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                  • Rule: MALWARE_Win_zgRAT, Description: Detects zgRAT, Source: C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe, Author: ditekSHen
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f..............0..\7..p......>{7.. ....7...@.. ....................... 8.......8...`..................................z7.K.....7.`m............7.H#....8......z7.............................................. ............... ..H............text...D[7.. ...\7................. ..`.rsrc...`m....7..n...^7.............@..@.reloc........8.......7.............@..B................ {7.....H........|!..............P-..'..'z7....................................."+.(.}.g*...J+.(.0sh(Z5..(....*.:+.(ZF"I.(....*.N+.(>..7....i.(....*F+.(...j....(....*..J+.(..hW.....(....*..0..........+.(O.7T ........8........E(...........=...F.......8...M...............=...[...#...!.......O...........z.......i...........S...w.......2...................x.......h.......s...y...............8...... "6.) ....c >..fa~....{....a(`5..(....& ....8#...~....*..<m... '...8....8%... ....~....{...

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe.config

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):261
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.985852904910388
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6:JiMVBdTMkII5KNZk2ygAyONw5K3OSO1N5MC5lvfqHlE3QIm:MMHd41zNZoE0w03OSO1NNqm3xm
                                                                                                                                                                                                                                                                                                                                  MD5:C2EDC7B631ABCE6DB98B978995561E57
                                                                                                                                                                                                                                                                                                                                  SHA1:5B1E7A3548763CB6C30145065CFA4B85ED68EB31
                                                                                                                                                                                                                                                                                                                                  SHA-256:E59AFC2818AD61C1338197A112C936A811C5341614F4AD9AD33D35C8356C0B14
                                                                                                                                                                                                                                                                                                                                  SHA-512:5BEF4B5487ECB4226544EF0F68D17309CF64BFE52D5C64732480A10F94259B69D2646E4C1B22AA5C80143A4057EE17B06239EC131D5FE0AF6C4AB30E351FABA2
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:.<?xml version="1.0" encoding="utf-8" ?>..<configuration>.. <runtime>.. <generatePublisherEvidence enabled="false"/>.. </runtime>.. <appSettings>.. <add key="EnableWindowsFormsHighDpiAutoResizing" value="true" />.. </appSettings>..</configuration>..

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.pdb

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MSVC program database ver 7.00, 512*3623 bytes
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1854976
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.303640388632401
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:zV7QAySSLbvaeufJQW4N5AkoTPo0N2qTkaNW0oaw:zlpySSLbvsJQPN8TPrgaNW0oL
                                                                                                                                                                                                                                                                                                                                  MD5:5549F418A92E1FE7570714139FE1674F
                                                                                                                                                                                                                                                                                                                                  SHA1:AF6312C37CE5A7A65B0F7D153D9607E42603A404
                                                                                                                                                                                                                                                                                                                                  SHA-256:9C6515CE36AB6BC0115E10079BCFB6EAB45FDC7028C1839E1A20AAF548475136
                                                                                                                                                                                                                                                                                                                                  SHA-512:4CC393FB45550A69D6204F94246CDC51D715B0B9E910C55CECF8ECF50911892E5B359C402549ABAD280FC31EE53B015B76AA3817743F7F44A1C4D962EB1D8AF0
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Microsoft C/C++ MSF 7.00...DS...........'....@......&...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ForceCPU.exe

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):19832
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.665574873412458
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:fHtIemmfltxD5WLtWwiyT5hNGnYe+PjPxucwwyibSucwwQJk35H0JOqxEV1a//bG:xD5WLZ5qnYPLxoDfoDg+JNY1cAhhv
                                                                                                                                                                                                                                                                                                                                  MD5:B982A103B0D4E0DB856026A163124BF3
                                                                                                                                                                                                                                                                                                                                  SHA1:40772BE00068BBD394FF0FCCD551151A822F3E70
                                                                                                                                                                                                                                                                                                                                  SHA-256:2D209C2B823E350C1F1661F87A3A013804302477AFE56877F94ADBAFE7A2E06D
                                                                                                                                                                                                                                                                                                                                  SHA-512:214ECDF348E2093E91A489C0541F05EB3356E2531C1840A99D9F727CAF1130F5041CCBC6356A7BC31FB4DECE927D3FEE2FA9E4689D2BADBE680FD40104A9D327
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.../..R............................N.... ...@....@.. ....................................@.....................................K....@..................x3...`....................................................... ............... ..H............text...T.... ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B................0.......H........"..8............................................................0..h.........r...p..s.......s...... ....j.o....&.o.........3........-..o........r...p.o....(....(............+....*........"1..........BC.......0..Y.........r...p..s......s...... .....o....&..o......o........ ..r...p.o....(....(...........+...*...........56.......0..O........r)..p(.....ru..p(.....r...p(.....r...p(.....r...p(.....r...p(.....r...p(.....*..0.............i........-..(.......8.......r3..p.o..

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\GA.Analytics.Monitor.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):53704
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.271434268217771
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:7su21mzJ3+LDDke5WcsvOvHOQ+5bQZdKXJccxYi:7qmByvke5Wcs22QRGKLi
                                                                                                                                                                                                                                                                                                                                  MD5:6F9E5C4B5662C7F8D1159EDCBA6E7429
                                                                                                                                                                                                                                                                                                                                  SHA1:C7630476A50A953DAB490931B99D2A5ECA96F9F6
                                                                                                                                                                                                                                                                                                                                  SHA-256:E3261A13953F4BEDEC65957B58074C71D2E1B9926529D48C77CFB1E70EC68790
                                                                                                                                                                                                                                                                                                                                  SHA-512:78FD28A0B19A3DAE1D0AE151CE09A42F7542DE816222105D4DAFE1C0932586B799B835E611CE39A9C9424E60786FBD2949CABAC3F006D611078E85B345E148C8
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...4.+[.........." ..0.................. ........... ..............................).....`.................................?...O.......`................3........................................................... ............... ..H............text........ ...................... ..`.rsrc...`...........................@..@.reloc..............................@..B................s.......H.......PM...c..........................................................>..(......(....*..{....*"..}....*..{....*"..}....*f.(......(.....(....(....*..{....*"..}....*..{....*"..}....*..{....*..{....*"..}....*..{....*"..}....*..(.....s....}.....{.....o.....s....}....*..(.....s....}.....{.....o......s....}....*..(......s....}.....{.....o......s....}....*....0..z........-.r...ps....z.-.r...ps....zs......r!..pr%..po.....r1..p.o.....r7..p.o.....,..r=..p.o.....,..rC..p..(....(....o.

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\GA.Analytics.Monitor.pdb

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MSVC program database ver 7.00, 512*187 bytes
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):95744
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.5761633792805214
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:qT0N9rXf8+G/ne3F8VWITK2gaZbAjJcrNtPja+RLDVa:i0N9rX2nevITK2CjC2+RPVa
                                                                                                                                                                                                                                                                                                                                  MD5:DF9591879A5AF2A8458FB9148E197313
                                                                                                                                                                                                                                                                                                                                  SHA1:189DF547DB269F1694603EAB40519EC0086FC326
                                                                                                                                                                                                                                                                                                                                  SHA-256:6C19EC08FFB13998ACE51E1B531128AF12CD47CCADFF5E346176C6992C00A843
                                                                                                                                                                                                                                                                                                                                  SHA-512:89C8F7686048E3329D47BD7F6678CCA880D1C2A704664A44276090ED2A5B6452D964C69E2D0161EC8B69586E3AAE3C99F63445C22122A1B9BF532234F93AF65C
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Microsoft C/C++ MSF 7.00...DS...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ImportExport\BasicFormats.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):115024
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.847412616167395
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:z5zlHe5PmFt6DRIn9TQupG9c1rERA1TenjV++HOHbIE:rlUJ2g
                                                                                                                                                                                                                                                                                                                                  MD5:C9082FFD90962AAC6D73D4F15D6803CB
                                                                                                                                                                                                                                                                                                                                  SHA1:C22FC9A534C9560870C9A0A8D7C694788C69FA8C
                                                                                                                                                                                                                                                                                                                                  SHA-256:7F3EA7CAF5D43F610B9AD20F3F09796847E4B8F4582DC6FF94029194E8905E0A
                                                                                                                                                                                                                                                                                                                                  SHA-512:96BF93650A007C1DBF197A849977B8BB574FA89FD9EB316F906F46B2194473347ECACBAB572A4DFB7FFE0987D44CAA29312A7B1FBC3D8F14A6A0BDA14E5E86E2
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.........." ..0.................. ........... ..............................P.....`.................................D...O.......................P#........................................................... ............... ..H............text........ ...................... ..`.rsrc...............................@..@.reloc..............................@..B................x.......H.......$...X...........|................................................+".o.....3..o....r...p(....,..o....*.o....-.~....*..0..w.......s.....+`.o.....3W.o......r...p(....-..r...p(....-.+4..o....o....&.r!..po....&+...o....o....&.r'..po....&.o....-..o....*..0............r-..p.r7..p......8.....o.....@.....o........rI..p(....-:..rQ..p(....-5..r_..p(....->..rw..p(....-G..r...p(....-G+R.o.....+I.o......(....,:r-..p.+2.o......(....,#r7..p.+..o....(.....+..o....(.......o....:G...r..

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ImportExport\BasicFormats.pdb

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MSVC program database ver 7.00, 512*367 bytes
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):187904
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.9000309396997976
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:ichKTzCxE+1iFoNKelb/PxrEw+aFlq/NRx55T4aXrkAcQ3hIHCmcSvbhcVYhN2xU:iLsaXrZxTmcYhtN+UgwsC6Yd
                                                                                                                                                                                                                                                                                                                                  MD5:3E2C4DF2C33976F09A0A878D0CF9EF9B
                                                                                                                                                                                                                                                                                                                                  SHA1:A323A726EBA734F45EBD77391B9DCE59ED707E21
                                                                                                                                                                                                                                                                                                                                  SHA-256:2EB56EB1CFDFA1141DD0ED284DFD1EC823A1538493EB62D8B190B12B2CE75A94
                                                                                                                                                                                                                                                                                                                                  SHA-512:378DB8A8A9414FD62CCACE04FBE5606FAF0EAC35F1CEFBB33E10B03B70161242ABF21331D9CAE0D24A2C4560A20BC256B8521B78B1FAF0FEF57D0E404B785830
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Microsoft C/C++ MSF 7.00...DS...........o...........l...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ImportExport\VSWebTestExport.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):45904
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.994814740814269
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:HbJ9YyrdngCT7Enn/IRXILJtGiU83aT7TTox1qxf1mlZxfmK:FyEI/LtrU83aXoxKfInfm
                                                                                                                                                                                                                                                                                                                                  MD5:7EE8A7354EFF978914CFBE88620FA15F
                                                                                                                                                                                                                                                                                                                                  SHA1:28CB0017666F583011E4CDC28496359D0EF2721F
                                                                                                                                                                                                                                                                                                                                  SHA-256:4B990716C98167940986B1D219EA7D60BC8FF11EB0A325CF52F8706D2759A32D
                                                                                                                                                                                                                                                                                                                                  SHA-512:8DB5641837A64B3310F7B05EBB648C5BAB2D8B51AFABBDC5FE08011EB664516C0CA9E1BEC8520870F121CB3A2B62C380933684237A2810F096FB70065A55ABB8
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.........." ..0.................. ........... ..............................x_....`....................................O.......................P#........................................................... ............... ..H............text... .... ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................H........K..XY.........................................................j.(.....(......}.....(....*..0..C........{....o.....+...(......{....o......o....&..(....-...........o.....*.........(4........{....*"..}....*z.,..{....,..{....o......(....*.0...........s....}.....s....}.....s....}.....s....}.....(.....{......o.....{.....o.....{......s....o.....{....r...po ....{.... .... ....s!...o"....{.....o#....{......o.....{.....o$....{.... .... ....s....o.....{....r...po ....{.....K..

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ImportExport\VSWebTestExport.pdb

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MSVC program database ver 7.00, 512*203 bytes
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):103936
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.804913720625524
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:5zb4+hNvVmLAzJJ1LcR4OSEMGvq/G2CzfKRPb3eUCYiumAyxens+d0hT/Hj8qnAk:5jIfKRPb3D1y8nehTvpAOd/xV5
                                                                                                                                                                                                                                                                                                                                  MD5:5AA805B438E450FA804A1CA7F75AD8E5
                                                                                                                                                                                                                                                                                                                                  SHA1:13EE264E8D1A4C8E154B9832A3E399FA4D73E35A
                                                                                                                                                                                                                                                                                                                                  SHA-256:D88D7F2DA6832DD29FD5552357D1CA5FE9FBBF6509FFC9D3B2F01A3FF9CDEA42
                                                                                                                                                                                                                                                                                                                                  SHA-512:BA3DD91F8B133E672E133C639E64B0A69C36B34067D267DE08FFD5ECD1D079E8117F0C33BD2714F62E720C51904BDFD93C552CCAA2F51BF330A434CCECBE2315
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Microsoft C/C++ MSF 7.00...DS...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Common.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):196608
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.177812068372721
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:jnPlSpsvrGlP3wYeBKpqmSNbgM9ZtZLZQErK3PmIDXRtFhCj6ocpjyc44lc:rlSpsnQCg4ZtZmECfRtF0cpjy94lc
                                                                                                                                                                                                                                                                                                                                  MD5:AC80E3CA5EC3ED77EF7F1A5648FD605A
                                                                                                                                                                                                                                                                                                                                  SHA1:593077C0D921DF0819D48B627D4A140967A6B9E0
                                                                                                                                                                                                                                                                                                                                  SHA-256:93B0F5D3A2A8A82DA1368309C91286EE545B9ED9DC57AD1B31C229E2C11C00B5
                                                                                                                                                                                                                                                                                                                                  SHA-512:3ECC0FE3107370CB5EF5003B5317E4EA0D78BD122D662525EC4912DC30B8A1849C4FA2BBB76E6552B571F156D616456724AEE6CD9495AE60A7CB4AAA6CF22159
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....8V...........!......... ........... ........@.. .......................@............@.....................................W............................ ......X................................................ ............... ..H............text...4.... ...................... ..`.rsrc...............................@..@.reloc....... ......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Editor.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):835584
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.8267693764214945
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:vC84TFHhCRR87er17m62l/YpMVuRWGoN0ty6B:vC9T+R87er325wMVuRaGtPB
                                                                                                                                                                                                                                                                                                                                  MD5:EAA268802C633F27FCFC90FD0F986E10
                                                                                                                                                                                                                                                                                                                                  SHA1:21F3A19D6958BCFE9209DF40C4FD8E7C4CE7A76F
                                                                                                                                                                                                                                                                                                                                  SHA-256:FE26C7E4723BF81124CDCFD5211B70F5E348250AE74B6C0ABC326F1084EC3D54
                                                                                                                                                                                                                                                                                                                                  SHA-512:C0D6559FC482350C4ED5C5A9A0C0C58EEC0A1371F5A254C20AE85521F5CEC4C917596BC2EC538C665C3AA8E7EE7B2D3D322B3601D69B605914280FF38315BB47
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....8V...........!......... .......... ........@.. ...................................@.....................................K.................................................................................... ............... ..H............text....... ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Syntax.Schemes.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):290816
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.492482530864054
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:/YiCDgqGqtbeBLmTnNLUSgk9NPOEbg0hIc2Vrl2XuPtlPpXB1sJOm8M93f2AkkgW:abMmTnNLUSgk9NPOEL2Wg1TOV
                                                                                                                                                                                                                                                                                                                                  MD5:681ABB88692A8D2662C527EAB350744B
                                                                                                                                                                                                                                                                                                                                  SHA1:58BF5FDFA668C2ADD65A6B7EDBB43EAB47648821
                                                                                                                                                                                                                                                                                                                                  SHA-256:9AD5749BA1914101CD4CF2736D0E74BBB8C7ABBE93FD5E83377D5CBF33DDB78D
                                                                                                                                                                                                                                                                                                                                  SHA-512:5F2A370B4BD64E03469DDAA90B7EBD75E588033DBE48AE1B111FA537E56AA13B5BD7E067126D3CC543FAF45CD0595EA2355D8FA412197B61F18754E4F9876823
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....8V...........!.....@... .......P... ...`....@.. ..............................G.....@..................................P..K....`...............................P............................................... ............... ..H............text....0... ...@.................. ..`.rsrc........`.......P..............@..@.reloc...............`..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\QWhale.Syntax.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):233472
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.650842692777023
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:Ns/3b/8FpHf3kBFcCsbfqai2/8Fjitdmus95jMRrgk+vWZYz39dHiB796k9gR5+r:NQLa/kBFcCsbfRgzM07XGk+V
                                                                                                                                                                                                                                                                                                                                  MD5:3BE64186E6E8AD19DC3559EE3C307070
                                                                                                                                                                                                                                                                                                                                  SHA1:2F9E70E04189F6C736A3B9D0642F46208C60380A
                                                                                                                                                                                                                                                                                                                                  SHA-256:79A2C829DE00E56D75EEB81CD97B04EAE96BC41D6A2DBDC0CA4E7E0B454B1B7C
                                                                                                                                                                                                                                                                                                                                  SHA-512:7D0E657B3A1C23D13D1A7E7D1B95B4D9280CB08A0ACA641FEB9A89E6B8F0C8760499D63E240FE9C62022790A4822BF4FE2C9D9B19B12BD7F0451454BE471FF78
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....8V...........!.....`... ......>w... ........@.. ....................................@..................................v..W...................................hv............................................... ............... ..H............text...DW... ...`.................. ..`.rsrc................p..............@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\Standard.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):253264
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.5223352290095855
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:aDdXkVTfwIyE8W+pl7fIQ/51ftYx2Ngzs2L3NUR/m1N:aDdXkiIyEV+pl7tnrxmb
                                                                                                                                                                                                                                                                                                                                  MD5:3D70B43BF339C0EE8A5B858AA3174CFA
                                                                                                                                                                                                                                                                                                                                  SHA1:A0DE61687CD2A72B91D6A4DBD2FED2FA202AC0AE
                                                                                                                                                                                                                                                                                                                                  SHA-256:CEB5F94B822655EA47BABFFFF72763E2DE2497135B473AFBD47984D5FBCB4478
                                                                                                                                                                                                                                                                                                                                  SHA-512:6CC53D58292222862FE69DA44E61A67D48CDA6FBE02CDB8A55053889882278B01105D7752655EAA63DB8EE06CD04FAE33F3558DB1BE73D0470286051A0C39737
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.........." ..0.................. ........... ....................... ......dl....`.....................................O.......`...............P#........................................................... ............... ..H............text........ ...................... ..`.rsrc...`...........................@..@.reloc..............................@..B........................H.......4...@...........t................................................0..`........(.....(......}.....{....~....o....~.....{....o....o.....%.{.....{....o....o....~....s....o....*z.,..{....,..{....o......( ...*..0...........s!...}.....("....{....(#...o.....{.....o$....{....r...p"...A...s%...o.....{.....o&....{......s'...o(....{....r...po)....{.....o*....{.... 0... ....s+...o,....{.....o-....{....r'..po.....{...........s/...o0....(1....{....o2....r)..p().... 0... ....s+...(,.

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Inspectors\SyntaxView.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):70480
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.301788425492879
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:gSYKCJHDFPc0WIQ1zf2trjOWzwxhFfInflc:g2CRDFYIQ1zfBg40
                                                                                                                                                                                                                                                                                                                                  MD5:AE5A16A270723A069A3D219318639AE2
                                                                                                                                                                                                                                                                                                                                  SHA1:B192159D2EF1807F0595C2AE0D5C0A15BD80B43B
                                                                                                                                                                                                                                                                                                                                  SHA-256:47745B08FEC912DC59C54D18EDE668261FAA920F8CC9B38129B112DCDDCBDCC6
                                                                                                                                                                                                                                                                                                                                  SHA-512:DB589B02C2B076DF91D858B8E0304F27DC216C2CA514BEF5918D79848958A3D89D0DC243615CE9F6323EF01A19AB1DCB74786FC5A7DFA253634F88D689070697
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.........." ..0...... ........... ........... ....................... ......u.....`.....................................O.......l...............P#........................................................... ............... ..H............text........ ...................... ..`.rsrc...l...........................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\LoadScript.wav

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 8000 Hz
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):4781
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.524615403942935
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:96:IiHTx2ZENf0NWxuKKVf5Pwb1fT0qUB6X6:lTx22kWxujf5Pwb1b07
                                                                                                                                                                                                                                                                                                                                  MD5:6EA0ADCB5AF7AB65714E76374AD655FE
                                                                                                                                                                                                                                                                                                                                  SHA1:6BD0ECAFD9ECD4B7921624DBA983680CADEC14FE
                                                                                                                                                                                                                                                                                                                                  SHA-256:4D97CAEEE07CFD354E2F5210AD1522C948BDCFC520FE8BDE27652CDA92F28241
                                                                                                                                                                                                                                                                                                                                  SHA-512:834391490FE6F99EFE358DBD58F051A87717ACCCE839FDE5524F8CEF4D7F872707B220AE975591038909E9AE95D04A04104EE7294D4AC0C53ECF5CA0076C4E39
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:RIFF....WAVEfmt ........@...@.......data....}}{{{{{y{{}}.........}ytrkggbdkry............p`SG<<?EQ^p............gO;+ ..);Ol...........cF,......Kj...........aB*.....1Kj..........._C).....4Nl..........._C,.....4Nl..........}_D,...."5Ql..........}`D+....#8Qo..........}^C,....#8Qo..........{^C,....$9To..........{^D-....':Tq..........{]B.....(<Uq..........y]C,....(=Ws..........y[C-....)=Ws..........z\B.....*@Xt..........x\B,....-@Zv..........x\C-....-CZv..........xZA,... .C]v..........v[B-...!1D]x..........v[B- .."1F]x..........vZA.!..#2G_x..........tX?- ..%4I`z...........tX@- ..&5Ibz...........tYA,...'7Lb|...........sW?+ ..):Nd|..........sV>,!..*:Nd|..........qV>,"."+;Of~..........qV?-"."-<Of~...........qU>,!.#.>Sh...........pU=-".$/@Tj...........pT=,! '1BVk...........pT<+" '3EXl...........nS;*!!(4EXm...........nS;,$$*8GZm...........mR<-&&-9HZo...........mR;,%'-;L\p...........lQ;,&(.;L^q...........lP9+'(2?N`r...........lP9,')3@Oar...........lP;.*-7DRbs....

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\LoadScriptError.wav

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 8000 Hz
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1490
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.084431883129677
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:Lh8u49YDWju0+Ufc7fGT/+sDQdEU92zKWGw+SVb4Z1ljHK8zEceIol9yai/WJlkk:LSuaYDY+pO5y92z4O4Z1s8zEceXM8CvA
                                                                                                                                                                                                                                                                                                                                  MD5:72309F20F2BFEE0595FE8D20B8CBEFB0
                                                                                                                                                                                                                                                                                                                                  SHA1:EFC2B2B263722DDDFFEA44FFC7A116DAF09709B3
                                                                                                                                                                                                                                                                                                                                  SHA-256:DCE3297D94996C91126446E133145E4395C87BA47C4B731CA86C4C845DAD8049
                                                                                                                                                                                                                                                                                                                                  SHA-512:0DE89F9B0CA62CD9977E2BECF30D8E9C416AD42F66D1BFBF78E34DC6301E0CEC559813D76A05F11ABEB39C7CAC45E6C20BDF88C86C398C09158CB9F6C3AF5942
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:RIFF....WAVEfmt ........@...@.......data.........~teVGR......|l`Rf....}rkdb].....yg]TTW......paWSY....v_JGX^n....^pzh\IN......vT=.Ey...paJ<8~...h=..&s...mIFok_v..{s...nTc...w..wmOADi....c#.......p;0>a....lc[H]......XG]YVm~.......G..8p...o3..]...t=*.8n.....d50Lb....qR`.....vU=H....obi....[...9.....eA..A.....N2>k....S2:l....~ji...d8*Dv...uWWh~....}^A'"K.....;...V....dNd...s^R^.....p\f~.....aRT]q.....`4 4p...j)."o.....;..Bq........sX?6Hl.......vYC?Sz...b<8^....8..3.....Q?H`......~j^^h|.....qijnl`WZs....b...C....eBCd....vXKM\v.....^5'8a.....ulx...lWRe....K(,Z....Y'.'Q.....|T;<U{....eS]....m@/?h..........{I&"C{....hE7>X}....X3,I....t<!0^....~lq....uXLVp....}rt.....ydTLM]|....k(..<....l@8T.....f[cu..........ubY\hw.......jQGUw....d?6S....f1.,U.......vh]X[i~.....|z|~|wst}...}j\ay....}R8;Z.....v`[ew.....ynfdjz.....wcZ_ly.........jSKWs.....h]dv....|lcem{......n`\dv.....plr~...}usy...{pkp.....|eWVcx......tidhs.....skn{....{iaer..........|rkks.....}snpv~.....wk

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\NOTICES.txt

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (2966), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):52307
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.024626361667652
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:SNtCkkRZhAgD0eL8kcp8ZMoh0FVntHOIzm:SNtgRZhF58kcKiXtHnC
                                                                                                                                                                                                                                                                                                                                  MD5:ADFC592F90745C1CEB5088BE6233CA8E
                                                                                                                                                                                                                                                                                                                                  SHA1:323558F4EEC2237D47DFA0805337C99FA1E952CD
                                                                                                                                                                                                                                                                                                                                  SHA-256:0A28FB1C261B7EED6CF8F59373BFED456A622B1C30BA828693F1834CD24C1E25
                                                                                                                                                                                                                                                                                                                                  SHA-512:0BB50A823270F9AA629E4CF7DE4D4DE3B04BDB79A6F2DC732C50243DE1040CDBDAA46E8E75CE0B3DD9CD85224D69974CE44E57FF319FDDF4B1BEDCF19AE51D9F
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Progress Telerik Fiddler Classic v5....Copyright . 2003-2021 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved.....Portions of the Product include certain open source and commercial third-party components listed below ("Third-Party Components"). The authors of the Third-Party Components require Progress Software Corporation ("PSC") to include the following notices and additional licensing terms as a condition of PSC's use of such Third-Party Components. You acknowledge that the authors of the Third-Party Components have no obligation to provide support to you for the Third-Party Components or the Product. You hereby undertake to comply with all licenses related to the applicable Third-Party Components. Notwithstanding anything to the contrary, to the extent that any of the terms and conditions of the Progress Agreement conflict, vary, or are in addition to the terms and conditions of the aforementioned third-party licenses for these tec

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Newtonsoft.Json.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):662528
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.91790849905593
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:3o4V9ynqKoxhi0gAsfLBhJJzhGIVrdhoHuLFGAJmKApt5psaLGBFahKGRd67XLEm:LyncxQRhJJzhoqgH5sB4dxHG
                                                                                                                                                                                                                                                                                                                                  MD5:5AFDA7C7D4F7085E744C2E7599279DB3
                                                                                                                                                                                                                                                                                                                                  SHA1:3A833EB7C6BE203F16799D7B7CCD8B8C9D439261
                                                                                                                                                                                                                                                                                                                                  SHA-256:F58C374FFCAAE4E36D740D90FBF7FE70D0ABB7328CD9AF3A0A7B70803E994BA4
                                                                                                                                                                                                                                                                                                                                  SHA-512:7CBBBEF742F56AF80F1012D7DA86FE5375AC05813045756FB45D0691C36EF13C069361457500BA4200157D5EE7922FD118BF4C0635E5192E3F8C6183FD580944
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...u.3..........." ..0............../... ...@....... ....................................`.....................................O....@..T....................`.......-..8............................................ ............... ..H............text........ ...................... ..`.rsrc...T....@......................@..@.reloc.......`......................@..B........................H........t......................x-........................................(....*..(....*..{....*"..}....*..(&...*:.(&.....}....*"..('...*..(....*..{ ...*"..} ...*..{!...*"..}!...*..{"...*"..}"...*..{#...*"..}#...*..{$...*"..}$...*..{*...*>..}*.....(....*..{+...*>..}+.....(....*..{%...*"..}%...*..0...........{&......(....-..*..(....*6..s....}&...*.0...........{'......(....-..*..(....*6..s....}'...*.0...........{(......(....-..*..(....*6..s....}(...*.0...........{)......(....-.

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Plugins\NetworkConnections\Telerik.NetworkConnections.Windows.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):34440
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.5351759096470525
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:2LpjNBBUyOzcB7RZbkTg+jO4HmBWKNTjNTlfKaE:2LB9VRpOg+jmBPFjF0aE
                                                                                                                                                                                                                                                                                                                                  MD5:5889357424D717C8629C8BFABCD0BE50
                                                                                                                                                                                                                                                                                                                                  SHA1:87E7047A40E24BD5AC23F89E072EE39A14A53023
                                                                                                                                                                                                                                                                                                                                  SHA-256:3564B25B24569B8D8A0128F2F4BDDEC89C0B8986DA7542D9C64AAC730360A600
                                                                                                                                                                                                                                                                                                                                  SHA-512:1AF458742CEFD4730D64B19ECC05460354F0E47A79CDCD7794877AA0F6C56CFB92F37A0DAF66FEDAEC2A579EB0187D774B7D5BA1FFF65D6AB1504DF4C3668FAD
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 2%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....X.].........." ..0..H...........f... ........... ..............................Y.....@..................................f..O....................R...4..........\e............................................... ............... ..H............text....F... ...H.................. ..`.rsrc................J..............@..@.reloc...............P..............@..B.................f......H........0...4...................d......................................Z..,...%..;.%.. ......*..0..Q.......~..........(.....(....~....,'~....- ....r...p.......s....(............,..(.....*...........>F.......0..A.......~..........(.....(....~....-.~....,.~....o.............,..(.....*............6.......0..'.......~.........(....t............(...+...3.*..0..'.......~.........(....t............(...+...3.*..0..........~......,....o....*.s.........*..u....,..t....*.o.....(.....(

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ResponseTemplates\200_FiddlerGif.dat

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):433
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.006813236327367
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6:uh38iIRf2Q+x9vhyyq5tasR1jvT/8Lr4wlguOPS+Gel0EcdqqRxavDG:cMiIIQO/qzasR1jjoswlcS+GNFRxN
                                                                                                                                                                                                                                                                                                                                  MD5:0847D00123F892514A4AD127632AE14E
                                                                                                                                                                                                                                                                                                                                  SHA1:193C87427C3B37FCEA7E1FF20918BD18F4D487FF
                                                                                                                                                                                                                                                                                                                                  SHA-256:07DB49DC0D250B90E8F6CBD8D3A4340EB01AF2AFBCC1AE6E539312B1E7F71B97
                                                                                                                                                                                                                                                                                                                                  SHA-512:DD5727B39F13EB05BE49AEC3654479AC5162C28157258BF8AF8F6878FF55B1E111335FD73BE04346A6685ECD0C22CCD7726E7D7B2CD7CE871888F9BC148BE27E
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:HTTP/1.1 200 OK..Date: Fri, 25 Jan 2013 16:49:29 GMT..FiddlerTemplate: True..Content-Length: 308..Content-Type: image/gif....GIF89a#.$.w..!.......,....#.$................................H......*\x..@.. F|Hq.E..':..#..CV..q....... @.%/.l.. ..-....gJ.'e..Y3..4...I..S.I.....f.B.f.j5..<....iE.b..y1..ZK..;.kN.N.^..t`Y.u{.....B.|.....o.d..`...W.\.>.kxk...2$.y.c."....:'N.UY.~.....GEn.M....R....C.{..[9j.K...3...k....;

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ResponseTemplates\200_SimpleHTML.dat

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):150
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.098902738457552
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:uVorFR6ZX4Qidv9leIrRNFQ4LXFMCE2AZA/lXIZnHm:uA3eIRdbFu2AZA/lXIZG
                                                                                                                                                                                                                                                                                                                                  MD5:CE18F4915C278F5196CACBB086E0AFDD
                                                                                                                                                                                                                                                                                                                                  SHA1:3CD4F950BEEDBA52F6988F082BEC98C153706AE3
                                                                                                                                                                                                                                                                                                                                  SHA-256:C1DE5D01D11CFE466B819AF52BA381F217573C889781C60BE82EB285E9FA8908
                                                                                                                                                                                                                                                                                                                                  SHA-512:D4B756F9AD78DA3FE740CC283AAAB754E3FBCCE81E030AD01598F63022452E0AFBBEA06F9EABD45F22CB0AEA12E876BDEA462FF56FC7A0CF4F432219F0F008D8
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:HTTP/1.1 200 OK..FiddlerTemplate: True..Date: Fri, 25 Jan 2013 16:49:29 GMT..Content-Length: 51....This is a simple Fiddler-returned <B>HTML</B> page.

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ResponseTemplates\200_TransPixel.dat

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):173
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.257157707003835
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:uVoaoZX4Qidv0Q+LAIeAtMx9v90IrRNFRRov5cUVAae/XExlHrfx/n:uh38iQ+x9v2IRBRFaOUJ/n
                                                                                                                                                                                                                                                                                                                                  MD5:2312C8130D9203F27C0CECE742B8928F
                                                                                                                                                                                                                                                                                                                                  SHA1:03FFC27128A1D8C87E0E3B47797FC1914AAD5C40
                                                                                                                                                                                                                                                                                                                                  SHA-256:55E9D8ACC7DC6EAD2E4B09C5212D23FDE6E9D7F8DE739A2CF3821C4D93713845
                                                                                                                                                                                                                                                                                                                                  SHA-512:AFB5A0FAFA9F2297899C16745E04CB2F8C647F1C8CAEAE6522732E5C62075A1B771156795E0C148D64FB79A738E33FEBB28523217EBC9A7EC7A548D574EC77A6
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:HTTP/1.1 200 OK..Date: Fri, 25 Jan 2013 16:49:29 GMT..FiddlerTemplate: True..Content-Type: image/gif..Content-Length: 49....GIF89a...................!.......,...........T..;

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ResponseTemplates\204_NoContent.dat

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):106
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.910249518995826
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:6amplo7M2FR6ZX4Qidv9leIrRNFV7v:6amLw13eIRF7v
                                                                                                                                                                                                                                                                                                                                  MD5:B381D9C48A57EC5D61D20B963FA2E0C7
                                                                                                                                                                                                                                                                                                                                  SHA1:77D0E8255534785CED3DDA0906C871F2D662A7D2
                                                                                                                                                                                                                                                                                                                                  SHA-256:57A03EA6C0480797D923C72ECE7E6E5D3B0B34299BFB879F67E519C9B6CD4FCC
                                                                                                                                                                                                                                                                                                                                  SHA-512:07A8A08143AB20350CE04FB51C70356748E76C486C33495B5BAE1D72D53B8913BB420694B55F7FEA8D9CE087B4418B965F7FDC4FE368F61662569EA2DC109808
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:HTTP/1.1 204 No Content..FiddlerTemplate: True..Date: Fri, 25 Jan 2013 16:49:29 GMT..Content-Length: 0....

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ResponseTemplates\302_Redirect.dat

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):165
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.17690837820763
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:z3AgGXFR6ZX4QidvkbcS4QIbdmELxKdKjMZsROBjs2IrRNFV7v:A13Mbj4Qwdmi7wUO5IRF7v
                                                                                                                                                                                                                                                                                                                                  MD5:BED4C478EC0842F8230BF9A025491A14
                                                                                                                                                                                                                                                                                                                                  SHA1:362E4D075AA2846C4E1B998E1A3F15A1D96DFF81
                                                                                                                                                                                                                                                                                                                                  SHA-256:5192579A4A2761B0C65544D1B61804222C169CDABD007FED0F40DE09C3F9E854
                                                                                                                                                                                                                                                                                                                                  SHA-512:723E56024F577A082FDE1907A29CCD80B8A5D0CB9A2877BA68D1C0A69AA5AB0395CFD8749E8D73B70D4E680BC8E7892A7100DC42EAF8FFF921D25B8505129F33
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:HTTP/1.1 302 Redirect..FiddlerTemplate: True..Date: Fri, 25 Jan 2013 16:49:29 GMT..Location: http://www.fiddler2.com/sandbox/FormAndCookie.asp..Content-Length: 0....

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ResponseTemplates\303_RedirectWithGet.dat

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):175
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.224949708789029
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:T6TcLCEM2FR6ZX4QidvkbcS4QIbdmELxKdKjMZsROBjs2IrRNFV7v:TJzMo3Mbj4Qwdmi7wUO5IRF7v
                                                                                                                                                                                                                                                                                                                                  MD5:972CDF70D09EAC166BD8D82573382698
                                                                                                                                                                                                                                                                                                                                  SHA1:DF3D3874688F2294DE50590C754411AAD8171952
                                                                                                                                                                                                                                                                                                                                  SHA-256:E857508C27591ECF82C522121AB261472AC57023CBF817CA5EB1212AC8B18735
                                                                                                                                                                                                                                                                                                                                  SHA-512:96C4C0DCFE37236845F135D9A50B895433D4B49D532D3DAC3A0D7E2831A9AFAE5C2BB8FCFDF5723D74D50BE842A67AD675C33C2F1554D2F59A05B476E7E7C33A
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:HTTP/1.1 303 Redirect Using GET..FiddlerTemplate: True..Date: Fri, 25 Jan 2013 16:49:29 GMT..Location: http://www.fiddler2.com/sandbox/FormAndCookie.asp..Content-Length: 0....

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ResponseTemplates\304_NotModified.dat

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):108
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.979178963108823
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:lGme7ABGFR6ZX4Qidv9leIrRNFV7v:i7AB43eIRF7v
                                                                                                                                                                                                                                                                                                                                  MD5:155D2112C5A34E0122456E65EEA0415E
                                                                                                                                                                                                                                                                                                                                  SHA1:4600910AB706B69A9EF2EEEACA73FC015BA16C92
                                                                                                                                                                                                                                                                                                                                  SHA-256:4D34160482A2FE82B27D396EAC3C32B5E9AED7E774E8A60DBE787BD066988944
                                                                                                                                                                                                                                                                                                                                  SHA-512:7FAA29CAB291902AF60FDB8AED74E3A686DE80B047B0941D4B47DD1D8D5C669F640D220ACD785AC775F74B3A0C7F852BA1859C5F09AE82E31AF0589D3FFD97B1
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:HTTP/1.1 304 Not Modified..FiddlerTemplate: True..Date: Fri, 25 Jan 2013 16:49:29 GMT..Content-Length: 0....

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ResponseTemplates\307_RedirectWithMethod.dat

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):183
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.181576542946864
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:WkmdR1MBBGFR6ZX4QidvkbcS4QIbdmELxKdKjMZsROBjs2IrRNFV7v:hdBB43Mbj4Qwdmi7wUO5IRF7v
                                                                                                                                                                                                                                                                                                                                  MD5:EC8F186D82B4D5D32EE18DB08C59BFB0
                                                                                                                                                                                                                                                                                                                                  SHA1:452A15EBFA2A7C0FF53F4A5A85903F8D09C8ED65
                                                                                                                                                                                                                                                                                                                                  SHA-256:631EE98F55964E23C04D6E24A445CDD0B0DE7D2F1DC3EAF5BE7AE211DDB7D2DC
                                                                                                                                                                                                                                                                                                                                  SHA-512:FF5C154F8F8992816FE9F41CA6CE84BFF2318ADEE26E5090DC92A4371FED08EC3B36E848A864CB509813CCF4DBFB3F830D1F5D45BF89E5C502D0BDA9A4274C25
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:HTTP/1.1 307 Redirect using same Method..FiddlerTemplate: True..Date: Fri, 25 Jan 2013 16:49:29 GMT..Location: http://www.fiddler2.com/sandbox/FormAndCookie.asp..Content-Length: 0....

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ResponseTemplates\401_AuthBasic.dat

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (520), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):707
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):2.434991755598168
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:6L9aNACpjMBBGFR6ZX4QidvBw90uJdwB/xv2IeAtRATWIJeeIrRNFQFAMtFKRVW7:RLpwBB43HuMp2Q8a0tIRfMqRMExC
                                                                                                                                                                                                                                                                                                                                  MD5:0760F4F0ADBEE7ABFB5D05530450FF33
                                                                                                                                                                                                                                                                                                                                  SHA1:69D35928F1D2061047129C99BEDF56B5E0D0FBCC
                                                                                                                                                                                                                                                                                                                                  SHA-256:3E2E69628454FD3C220F099FEC1CCCE73F2E779BD43939762928BC8079383DFA
                                                                                                                                                                                                                                                                                                                                  SHA-512:C3824DC3882282399D2C3211217DEF0E96F94D6986B6FBFF5378B3AA864D8E93788B529502FE3137E15BD753DD52496192851C846A83D09F471998EC2741FC1E
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:HTTP/1.1 401 Authentication Required..FiddlerTemplate: True..Date: Fri, 25 Jan 2013 16:49:29 GMT..WWW-Authenticate: Basic realm="Fiddler"..Content-Type: text/html..Content-Length: 520....Fiddler: HTTP/401 Basic Server Auth Required.

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ResponseTemplates\401_AuthDigest.dat

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (520), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):823
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.1083687079781006
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:RLpwBBN1TgeGgrD0mEDQAQYtIGqccWbyW:t6VjBFNCSGqcnbyW
                                                                                                                                                                                                                                                                                                                                  MD5:49756F7861BF92FF1FD84076616B242A
                                                                                                                                                                                                                                                                                                                                  SHA1:38187C1D3C748FADE05DBC10DA27DC93D183FD15
                                                                                                                                                                                                                                                                                                                                  SHA-256:CD8B03F62A20D47FC5C9A495615B350E4DA7EABFFF34B8E112AFEC63BAB1CBEC
                                                                                                                                                                                                                                                                                                                                  SHA-512:08655D1D59E13F95D8A2A36A9DE88BE2A5ABD3B6A21A98ED8DDC8B7C53F38E912E64064BF1D9D83D2DF4EB41E3ABC2477463CC454BD531800F49857DA8D7DCA5
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:HTTP/1.1 401 Authentication Required..FiddlerTemplate: True..Date: Fri, 25 Jan 2013 16:49:29 GMT..WWW-Authenticate: Digest realm="realm@example.com",qop="auth,auth-int",nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",opaque="5ccc069c403ebaf9f0171e9517f40e41"..Content-Type: text/html..Content-Length: 520....Fiddler: HTTP/401 Digest Server Auth Required.

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ResponseTemplates\403_AuthDeny.dat

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (520), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):631
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.7576506650773096
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:GRuuC0BGFR6ZX4Qidv9leIrRNFQFAMtFKRVRuuBF/X:G1B43eIRfMqR1Fv
                                                                                                                                                                                                                                                                                                                                  MD5:7374B4D828FBA72D4C46F9BADC47CA3E
                                                                                                                                                                                                                                                                                                                                  SHA1:0DEE779BB2D38FE4E8E712F214E743D647A8788C
                                                                                                                                                                                                                                                                                                                                  SHA-256:3768D4F6467396343BAAD8DF2FE102D22611318F2BE090C2CFD8AC82FD201513
                                                                                                                                                                                                                                                                                                                                  SHA-512:678046183FA344BE53841D88B2A978FEF3FA1352A1C084A50D1864D6F95D36188523D6D1987DF14D682FD589EFEC6D2228530F18F038725C6E94A86F22946813
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:HTTP/1.1 403 Access Denied..FiddlerTemplate: True..Date: Fri, 25 Jan 2013 16:49:29 GMT..Content-Length: 520....Fiddler: HTTP/403 Access Denied.

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ResponseTemplates\404_Plain.dat

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (520), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):652
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.8652089301157977
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:mKbyjM3GFR6ZX4Qidv9leIeAtRATWIJeeIrRNFQFAMtFKRVaRb/FNd:zbwk43eQ8a0tIRfMqRIRb/Ff
                                                                                                                                                                                                                                                                                                                                  MD5:5463FF9BABDC2DC1E1304F04400120AA
                                                                                                                                                                                                                                                                                                                                  SHA1:351449F2043E8CCEF14AC76AE8AA87E8CA4B7A9D
                                                                                                                                                                                                                                                                                                                                  SHA-256:A136C0E17264C40873534669AF5F78E7E17E70F8661046C32599C6615CAD80CF
                                                                                                                                                                                                                                                                                                                                  SHA-512:3C8F8D41ACF6C26F85A5FFF8FB12D062381F45820D529E6037E54804CC043EB4D956BF5A4F807429A9EB816A8FAFA29BEC4DB720B6ECB987075CCD13845D6BBB
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:HTTP/1.1 404 Not Found..FiddlerTemplate: True..Date: Fri, 25 Jan 2013 16:49:29 GMT..Content-Type: text/html..Content-Length: 520....Fiddler: HTTP/404 Not Found

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ResponseTemplates\407_ProxyAuthBasic.dat

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (520), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):719
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):2.4558303990917083
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:7zRwUPjMBBGFR6ZX4QidvdLIv490uJdwB/Kl8Rj10IeAtRATWIJeeIrRNFQFAMtY:7ddwBB43hItuMKlJQ8a0tIRfMqRIt+
                                                                                                                                                                                                                                                                                                                                  MD5:32C8D78B7BCEFA8EA4D459BD9328BCB0
                                                                                                                                                                                                                                                                                                                                  SHA1:F816A637E20F541618BB9C62095C175DF16ED48B
                                                                                                                                                                                                                                                                                                                                  SHA-256:A39A2DBA0A39AB590535EC9BB33C1095B7B6E79F7686C2FD5368230010721876
                                                                                                                                                                                                                                                                                                                                  SHA-512:5D6339DAA5BB788E6AD6B3A600F153467859793E78E8FA1E2143D335E90D815BD683A1660ED97E5672350BE61085F15B0D84AC3C24C59FB89FBCD8DB8F59D9F5
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:HTTP/1.1 407 Proxy Auth Required..FiddlerTemplate: True..Date: Fri, 25 Jan 2013 16:49:29 GMT..Proxy-Authenticate: Basic realm="Fiddler (just hit Ok)"..Content-Type: text/html..Content-Length: 520....Fiddler: HTTP/407 Proxy Auth Required.

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ResponseTemplates\502_Unreachable.dat

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (520), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):661
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):2.048027069290318
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:3YGNEHN6546ZX4Qidv0Q+LAIeAtRATWIJeeIrRNFQFAMtFKQ9qLXpHtNZ:bAdN8iQ8a0tIRfMqyMd
                                                                                                                                                                                                                                                                                                                                  MD5:1C7DF40E98F04B29A79AF929A3AEC437
                                                                                                                                                                                                                                                                                                                                  SHA1:C7E246673A4EFBDAE3955095F3183C95AF2F3732
                                                                                                                                                                                                                                                                                                                                  SHA-256:056E734FD9EF5BBE213A5FCCFC32B23F71F7F6CF7B792FA8E614D1C968A2210E
                                                                                                                                                                                                                                                                                                                                  SHA-512:552D3D89716BF3C9068179E2190D6DC257AE1BC023356A228BA36FA5FC6E61C89AC9A9CEE95BD67779F13B8C04FE1C3CEA08834D4E96D2CFB08E6E54E81DC5BE
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:HTTP/1.1 502 Unreachable Server..Date: Fri, 25 Jan 2013 16:49:29 GMT..FiddlerTemplate: True..Content-Type: text/html..Content-Length: 520....Fiddler: HTTP/502 unreachable server.

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Screenshot.wav

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 16000 Hz
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):13090
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.7279638747220565
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:dIR94458ov44jkTZeh9QUHsG0h6rWll9Rm3BI:GZnPjkTZeh9fBMAiNm3q
                                                                                                                                                                                                                                                                                                                                  MD5:99803241008EE3D6F14AD27A5F24C34B
                                                                                                                                                                                                                                                                                                                                  SHA1:43A13F3C5844A577A5221FCFDBFB75A58478683F
                                                                                                                                                                                                                                                                                                                                  SHA-256:D474865A5E5C2F9D039C0F7A017E9A5E23A159CF6F534E879E979C61085FA1F9
                                                                                                                                                                                                                                                                                                                                  SHA-512:4366935AF45CB5C3B963AEEA3D19507A028760BE375717C5F7EC59115417680359A404C8D87A33A5BE362EBF3F12EB28CDAC539C153F3388446D912A57B37C96
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:RIFF.3..WAVEfmt .........>...}........fact....t...data.2..........(.(...,.C.=.j.>.{.x.......j.c.;.<.................4.......t.#.d.;...+.o.R.f.x.T.{............s.....A.......^.....3...Z.....1.b...+.-.F...............d...9.....J.)...S.....6.V...........{...w.....G.....d.^.8...2...v.X...!."...-...]...7...S.R.......f.....}. .....K.....B...M...:...........Z.....~.H.g...<.9.T.............6.....Y.v.d...@.A...m.G.....i...#...D.L...N.....D.........*.K...........^.......c...c.f.....%.!.......Q.S...........i.N.....L...k...............H.,.........~.......O...j...........i...6...k.........D.......6...Y.....:.=.1.......=.......`.......P.........>.:.8.......B.......h.&.......<.....B.s.....%.h...Q.h.g...............b.:.......y.........%...3.....d.i.w.d.8.s.^...K...................$.X...I.......1...O...H.....d.../...W.*.D._....|...N.!.......n...B.l...w.U...\.:.....7.....#.....a.A.......Q.j.W.a...<.....=...}.........o...6.......c.x.o.0.......=.......].....A...l.S...&.N...........8.#.........p.l.......

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\Analytics.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):33224
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.525851583552875
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:gpeCB0nVQ/EMq7+Zi9nQwnHgfLtVUEoBXejF6XFlnwnYPLYyTcGq1y2h33XcQ7:/U0VQMMrZi9QiHWtVxOFxwxGqXR7
                                                                                                                                                                                                                                                                                                                                  MD5:1C2BD080B0E972A3EE1579895EA17B42
                                                                                                                                                                                                                                                                                                                                  SHA1:A09454BC976B4AF549A6347618F846D4C93B769B
                                                                                                                                                                                                                                                                                                                                  SHA-256:166E1A6CF86B254525A03D1510FE76DA574F977C012064DF39DD6F4AF72A4B29
                                                                                                                                                                                                                                                                                                                                  SHA-512:946E56D543A6D00674D8FA17ECD9589CBA3211CFA52C978E0C9DAB0FA45CDFC7787245D14308F5692BD99D621C0CACA3C546259FCFA725FFF9171B144514B6E0
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...4.+[.........." ..0..F...........e... ........... ....................................`..................................d..O....................N...3.......... d............................................... ............... ..H............text....E... ...F.................. ..`.rsrc................H..............@..@.reloc...............L..............@..B.................d......H............4...................c.......................................0..)........{.........(....t......|......(...+...3.*....0..)........{.........(....t......|......(...+...3.*J.(.....s....}....*.0...........{......,....o......&..*.................0..S........{....,..H..}.....,9.{....o.....+..o.....o.....o....-....,..o......~....o......&..*....... ..8..........OO.......0..S........{....-..H..}.....{....o.....+..o......u....,..u....o.....o....-....,..o.......&..*.........

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\Analytics.pdb

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MSVC program database ver 7.00, 512*95 bytes
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):48640
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.4063107578330305
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:IzCZdxQVINRdRoNFAYAz3GclBLEKiuNCFJkOLxYbs63N:fxz3oNqbTLUnjpLxY
                                                                                                                                                                                                                                                                                                                                  MD5:F84FB6CD84B5D07E3DE4D78D38F388FF
                                                                                                                                                                                                                                                                                                                                  SHA1:0B31F09EEB1AF0681614C2F9F90D98B541DF580F
                                                                                                                                                                                                                                                                                                                                  SHA-256:03CA5A20D36BBC0AEA28AA3184D65B322CECC3080D55A975CDF0F5D31199829D
                                                                                                                                                                                                                                                                                                                                  SHA-512:03FA13B39D4FAE8BC83B4F37CF24AAFC8C4A12A5DB0462968AE6A0C96232D727DF9264D190FF641115921E350A1981AD518A4740C20E54C433B2F2065522AD52
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Microsoft C/C++ MSF 7.00...DS..........._...........[...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\FSE2.exe

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):51200
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.45812458489396
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:ShiPG/qCn02KhWZH8Ufrg04g0r/pECkG9wR:KzrnKhWZH5frgc1R
                                                                                                                                                                                                                                                                                                                                  MD5:7A8DF7276257139271A09A8947DA44E5
                                                                                                                                                                                                                                                                                                                                  SHA1:965C788156E2E29B6D1012430AFEE0CAD13093B0
                                                                                                                                                                                                                                                                                                                                  SHA-256:8B0B9859AF32D467FB7031AC8164779FFDB274CDAFF959D89D11A65A365C8E12
                                                                                                                                                                                                                                                                                                                                  SHA-512:2769F62F0DE76726C33CB0EAE42C933806DDCEAE6C1F97D16302C575A8955FE33D4388824CA2A2C1269B09755E42B82FA5DCECA825BD19E3E83ED43F97CA1F79
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.........."...0.................. ........@.. ....................... ............`.....................................O...................................x................................................ ............... ..H............text........ ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................H........]..`l......O...p................................................0...........o....o....r...p(....(......r...po.......(....,.rA..pr...p(....&*...o.......(....,.r...p.r...p(....r...p(....&*..s.......o.........8.............o....r...p..o....o....(....s........( ...o!.......o"........,9....o#...r...p ....($........o%...tK.......o&.......o'......X.......i?o.....~V...%-.&~U.....q...s(...%.V...o).....o*.....+...(+......o......o,...&..(-...-...........o.......o/....o0........

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\FSE2.exe.config

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):110
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.504588688812839
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:cTIMOoJOObWNRLTSL2ygAyO+gN5KXeRObK4QIMOn:8II5KNZk2ygAyONw5W4QIT
                                                                                                                                                                                                                                                                                                                                  MD5:C5AD2C7E6331C37E5A70D989832EB250
                                                                                                                                                                                                                                                                                                                                  SHA1:53C2EC3AAE4BBD62B5B7095BEC8FE7E915ADE4F6
                                                                                                                                                                                                                                                                                                                                  SHA-256:F72019A677A2A8447D6E72A731C2EC3EBEC6AE03CD7FE266637E665EE11AF7FF
                                                                                                                                                                                                                                                                                                                                  SHA-512:92DA69B448DF5821895AA017F630F1F9916F8A8623F726D72C245375B6BDA6C8B6522DD629E297E65C70F854A6457BFE9B43534FFA3A0A28FE0084EB0A07E30D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:<configuration>.. <runtime>.. <generatePublisherEvidence enabled="false"/>.. </runtime>..</configuration>

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\GA.Analytics.Monitor.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):53704
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.271434268217771
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:7su21mzJ3+LDDke5WcsvOvHOQ+5bQZdKXJccxYi:7qmByvke5Wcs22QRGKLi
                                                                                                                                                                                                                                                                                                                                  MD5:6F9E5C4B5662C7F8D1159EDCBA6E7429
                                                                                                                                                                                                                                                                                                                                  SHA1:C7630476A50A953DAB490931B99D2A5ECA96F9F6
                                                                                                                                                                                                                                                                                                                                  SHA-256:E3261A13953F4BEDEC65957B58074C71D2E1B9926529D48C77CFB1E70EC68790
                                                                                                                                                                                                                                                                                                                                  SHA-512:78FD28A0B19A3DAE1D0AE151CE09A42F7542DE816222105D4DAFE1C0932586B799B835E611CE39A9C9424E60786FBD2949CABAC3F006D611078E85B345E148C8
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...4.+[.........." ..0.................. ........... ..............................).....`.................................?...O.......`................3........................................................... ............... ..H............text........ ...................... ..`.rsrc...`...........................@..@.reloc..............................@..B................s.......H.......PM...c..........................................................>..(......(....*..{....*"..}....*..{....*"..}....*f.(......(.....(....(....*..{....*"..}....*..{....*"..}....*..{....*..{....*"..}....*..{....*"..}....*..(.....s....}.....{.....o.....s....}....*..(.....s....}.....{.....o......s....}....*..(......s....}.....{.....o......s....}....*....0..z........-.r...ps....z.-.r...ps....zs......r!..pr%..po.....r1..p.o.....r7..p.o.....,..r=..p.o.....,..rC..p..(....(....o.

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\GA.Analytics.Monitor.pdb

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MSVC program database ver 7.00, 512*187 bytes
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):95744
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.5761633792805214
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:qT0N9rXf8+G/ne3F8VWITK2gaZbAjJcrNtPja+RLDVa:i0N9rX2nevITK2CjC2+RPVa
                                                                                                                                                                                                                                                                                                                                  MD5:DF9591879A5AF2A8458FB9148E197313
                                                                                                                                                                                                                                                                                                                                  SHA1:189DF547DB269F1694603EAB40519EC0086FC326
                                                                                                                                                                                                                                                                                                                                  SHA-256:6C19EC08FFB13998ACE51E1B531128AF12CD47CCADFF5E346176C6992C00A843
                                                                                                                                                                                                                                                                                                                                  SHA-512:89C8F7686048E3329D47BD7F6678CCA880D1C2A704664A44276090ED2A5B6452D964C69E2D0161EC8B69586E3AAE3C99F63445C22122A1B9BF532234F93AF65C
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Microsoft C/C++ MSF 7.00...DS...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Common.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):196608
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.177812068372721
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:jnPlSpsvrGlP3wYeBKpqmSNbgM9ZtZLZQErK3PmIDXRtFhCj6ocpjyc44lc:rlSpsnQCg4ZtZmECfRtF0cpjy94lc
                                                                                                                                                                                                                                                                                                                                  MD5:AC80E3CA5EC3ED77EF7F1A5648FD605A
                                                                                                                                                                                                                                                                                                                                  SHA1:593077C0D921DF0819D48B627D4A140967A6B9E0
                                                                                                                                                                                                                                                                                                                                  SHA-256:93B0F5D3A2A8A82DA1368309C91286EE545B9ED9DC57AD1B31C229E2C11C00B5
                                                                                                                                                                                                                                                                                                                                  SHA-512:3ECC0FE3107370CB5EF5003B5317E4EA0D78BD122D662525EC4912DC30B8A1849C4FA2BBB76E6552B571F156D616456724AEE6CD9495AE60A7CB4AAA6CF22159
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....8V...........!......... ........... ........@.. .......................@............@.....................................W............................ ......X................................................ ............... ..H............text...4.... ...................... ..`.rsrc...............................@..@.reloc....... ......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Editor.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):835584
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.8267693764214945
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:vC84TFHhCRR87er17m62l/YpMVuRWGoN0ty6B:vC9T+R87er325wMVuRaGtPB
                                                                                                                                                                                                                                                                                                                                  MD5:EAA268802C633F27FCFC90FD0F986E10
                                                                                                                                                                                                                                                                                                                                  SHA1:21F3A19D6958BCFE9209DF40C4FD8E7C4CE7A76F
                                                                                                                                                                                                                                                                                                                                  SHA-256:FE26C7E4723BF81124CDCFD5211B70F5E348250AE74B6C0ABC326F1084EC3D54
                                                                                                                                                                                                                                                                                                                                  SHA-512:C0D6559FC482350C4ED5C5A9A0C0C58EEC0A1371F5A254C20AE85521F5CEC4C917596BC2EC538C665C3AA8E7EE7B2D3D322B3601D69B605914280FF38315BB47
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....8V...........!......... .......... ........@.. ...................................@.....................................K.................................................................................... ............... ..H............text....... ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Syntax.Parsers.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1196032
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.697795751444429
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:DDsAkHPWoMvThdMlLQtRZfScxaHrlXnp55VAWvRY02OCo6+shEd2qxrGa:DDs7uounM5WSNAG2otTh
                                                                                                                                                                                                                                                                                                                                  MD5:9FE6E9CFEDB661C61A2C70FA75008EC3
                                                                                                                                                                                                                                                                                                                                  SHA1:0F6A0F4E7FC5552088D3F2DD0C0ADF6F6C45B686
                                                                                                                                                                                                                                                                                                                                  SHA-256:ACFF23204982780D844F5B0CBFE0BF1849C1DFE782CB4084BA2BDC9BF53F026C
                                                                                                                                                                                                                                                                                                                                  SHA-512:A8864EE43628F667D6E0ACF071FBBA414FF768FE9DD302E6F9498432B3CE48A22DEECFE438099A3CAA684AD8E9588FAE111DE752C37C158EEBD76E48AB67E02D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....8V...........!......... ......./... ...@....@.. ..............................].....@.....................................W....@.......................`......@................................................ ............... ..H............text...$.... ...................... ..`.rsrc........@....... ..............@..@.reloc.......`.......0..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\QWhale.Syntax.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):233472
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.650842692777023
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:Ns/3b/8FpHf3kBFcCsbfqai2/8Fjitdmus95jMRrgk+vWZYz39dHiB796k9gR5+r:NQLa/kBFcCsbfRgzM07XGk+V
                                                                                                                                                                                                                                                                                                                                  MD5:3BE64186E6E8AD19DC3559EE3C307070
                                                                                                                                                                                                                                                                                                                                  SHA1:2F9E70E04189F6C736A3B9D0642F46208C60380A
                                                                                                                                                                                                                                                                                                                                  SHA-256:79A2C829DE00E56D75EEB81CD97B04EAE96BC41D6A2DBDC0CA4E7E0B454B1B7C
                                                                                                                                                                                                                                                                                                                                  SHA-512:7D0E657B3A1C23D13D1A7E7D1B95B4D9280CB08A0ACA641FEB9A89E6B8F0C8760499D63E240FE9C62022790A4822BF4FE2C9D9B19B12BD7F0451454BE471FF78
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....8V...........!.....`... ......>w... ........@.. ....................................@..................................v..W...................................hv............................................... ............... ..H............text...DW... ...`.................. ..`.rsrc................p..............@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Addon.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):48464
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.052763590431923
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:4/CVPuRQuxvtICmEI086vCNVTFzQyxQyHjNbpVu5yUJhFx06qxf1mlZxfyKEU:4/5YEI08WCNVTPHjdvunhFxefInfy
                                                                                                                                                                                                                                                                                                                                  MD5:2D94327624F5787DF9D0E87DAC28987F
                                                                                                                                                                                                                                                                                                                                  SHA1:902450AFD77BED60D508D482502C562EF332342F
                                                                                                                                                                                                                                                                                                                                  SHA-256:ACC04FEC692C7F5E6806FB14B8D3EFA3D6670830C74A59D02613BC444DB2DBDA
                                                                                                                                                                                                                                                                                                                                  SHA-512:D93454E51C984488F24D255523A6453625063AC44DCDDD42934E4CC9C10B9940A1F7D69689B224620D08E9A24D0E109A8346F23690D37993F9B4E3BF37831735
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.........." ..0.................. ........... ....................................`.....................................O.......................P#..........p................................................ ............... ..H............text........ ...................... ..`.rsrc...............................@..@.reloc..............................@..B.......................H........I..`^..........p...............................................J.(.....s....}....*..0..F.........P.....{.....o.....o....(.......i..iX.P........i(.........i..i(.....*2r...p.(....*..0..........~....%-.&+....o......&..*...................Vr-..p.....r[..p.....*.(G...*....0...........(......o.....3z.o ....3...*.o ....3 .o!... 6...2...*.o!.....2...*..*.o ...-=.o!... ov..30.o"... ....2...*.o"... .G..2..*.o"... .:..1..*.*.*:.(......}....*V.{......{.....X}....*.*..0..........

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Addon.pdb

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MSVC program database ver 7.00, 512*143 bytes
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):73216
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.766398244627265
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:5ziqJO0yHHfxdjKn5z/SHewtfWohS79rHsjbYblVkE81JbvaYB7O4K/N803eq:5FMJtfRS9fVkp1JbvzvK/N803e
                                                                                                                                                                                                                                                                                                                                  MD5:6ED744CF6E4961166850BF2C3776C60A
                                                                                                                                                                                                                                                                                                                                  SHA1:C3AD35DA56C580F8A4FB23F3643083B651B5053A
                                                                                                                                                                                                                                                                                                                                  SHA-256:40C0B15720A91FB0D01DCE726F1B572CEFFAED2730BCD19E514944A2C46BDE67
                                                                                                                                                                                                                                                                                                                                  SHA-512:1EC813BF91E1A6AC116A13AF36ADB14D6177458281CD5008270C27460BEAAF0862C62A37D83E5488A01BA0112B053B59AEF222E4F72A9C60DFE8E7849CF53A8D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Microsoft C/C++ MSF 7.00...DS...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Connection.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1924432
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.3855224265422645
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:49152:ukLbcPdI5jVkVyEf8MLFlB/dl7KsQ3+rLmk54adK5CfMANogrSPg:9EBFXJfJgg
                                                                                                                                                                                                                                                                                                                                  MD5:F368E19CCEE6123B3E56DB718359DC29
                                                                                                                                                                                                                                                                                                                                  SHA1:EAA31F6792AA2C350D28DD0FF86CE79B37EAB8F6
                                                                                                                                                                                                                                                                                                                                  SHA-256:2149BEF279127ADFFC549F9311D6EC4F69B09492210F81147989D23663F2E6B7
                                                                                                                                                                                                                                                                                                                                  SHA-512:B4849E21FB1CFA3BCB9409884B88F52FA222BD6536DF3A9117DA6F5A8B9082B603B2F4A6E7575DDAD8729A4519E7B87C8B8BFF462A96362842781A6E3EFC166C
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....Z..........." ..0..0..........:.... ...`....... ..............................m;....`....................................O....`...............:..P#...........>..p............................................ ............... ..H............text..../... ...0.................. ..`.rsrc........`.......2..............@..@.reloc...............8..............@..B........................H............x..........................................................Z..3..*.,..-..*..(....*Z..3..*.,..-..*..(....*Z..3..*.,..-..*..(....*Z..3..*.,..-..*..(....*.0..&.........i....i...*..+...Y........a`..-.....*Z..3..*.,..-..*..(....*Z..3..*.,..-..*..(....*.0............i....i...*..Y..........*.-..*..0............i....i...*..Y..........*.-..*..0............i....i...*..Y..........*.-..*..0............i....i...*..Y..........*.-..*..0............i....i...*..Y..........*.-..*.

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Protocol.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):23888
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.984132667933805
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:CjDVyXBjiEBhcogJmxNRehZ30LYZQ3nrEix3mcoh9qjdAA1m5wMPhzmufAKNy:CcYmxNRUELY8nzxO9qxf1mlZxfAK
                                                                                                                                                                                                                                                                                                                                  MD5:19586252830F7BC0A71251C193A61B6A
                                                                                                                                                                                                                                                                                                                                  SHA1:FF7AC037E191E361E5604290C54CEAC44FA487AF
                                                                                                                                                                                                                                                                                                                                  SHA-256:0C34D01A3AFFF47CB26140EA216185F4F8996C1972833449E18823ABE2461A29
                                                                                                                                                                                                                                                                                                                                  SHA-512:FFA82623F6B1F361C144682D8B382ABF3C8314804545796CF3D51A904FCDB06E8D8464A67FFFB6D90DF03EB739A688F40A91A004525AEDFB64E6810732547EC4
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}............" ..0..0...........O... ...`....... ..............................2.....`..................................N..O....`...............:..P#...........8..p............................................ ............... ..H............text..../... ...0.................. ..`.rsrc........`.......2..............@..@.reloc...............8..............@..B.................N......H........%..<.............................................................(....*^~....-.s.........~....*....*....0..8........(........iX..iX.!..............i(..........iX..i(.....*.0..b.........(....,.r...ps....z..(.......!......i.Y~....Y.Y.!......~....X...(......~....X.X....i(......s....*......(....*&...(....*......(....*&...(....*...0..`........(......~....X..iX...iX.!.........(...........i(........~....X..i(.........~....X..iX...i(.....*.0............(.......r]..pr...p....

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\FiddlerOrchestra.Utilities.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):19280
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.03104080165011
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:BL/4qajjVuNGJcZ63rFixaEa/KqjdAA1m5wMPhzmufwKNyy:F4qbm3AxkKqxf1mlZxfwK
                                                                                                                                                                                                                                                                                                                                  MD5:DF7B78ACF4A4FF7DCC2B7071E10ABF85
                                                                                                                                                                                                                                                                                                                                  SHA1:27576CE153730F09A362484F2B9A5FCC82BEBEFE
                                                                                                                                                                                                                                                                                                                                  SHA-256:5D8319BFC4C920BCF655E49638EE894B7B39502AEDFF39E1758E7A112DAA3F0B
                                                                                                                                                                                                                                                                                                                                  SHA-512:9151D89CAA4B66993347897707175F7A1C6818935E6DB170A8BCD72FF5F5F05F294C0FFB43A118E9C811AE35E07EC7B386B89BACC26D2D02ED8DA400C11C9CF2
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L................" ..0..............<... ...@....... ...............................&....`.................................8<..O....@..$............(..P#...`.......)..p............................................ ............... ..H............text........ ...................... ..`.rsrc...$....@....... ..............@..@.reloc.......`.......&..............@..B................l<......H.......,!..h............................................................0..6.........i(......(......i..iX..........i(.........i..i(.....*...0..........~................i(.....(....*...i~......r...pr=..p~.........(....s....z.(......(....*...0...........(......(.....*:~....,..(....*.......*..BSJB............v4.0.30319......l...d...#~......4...#Strings........X...#US.\.......#GUID...l.......#Blob...........W..........3............................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Common.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):196608
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.177812068372721
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:jnPlSpsvrGlP3wYeBKpqmSNbgM9ZtZLZQErK3PmIDXRtFhCj6ocpjyc44lc:rlSpsnQCg4ZtZmECfRtF0cpjy94lc
                                                                                                                                                                                                                                                                                                                                  MD5:AC80E3CA5EC3ED77EF7F1A5648FD605A
                                                                                                                                                                                                                                                                                                                                  SHA1:593077C0D921DF0819D48B627D4A140967A6B9E0
                                                                                                                                                                                                                                                                                                                                  SHA-256:93B0F5D3A2A8A82DA1368309C91286EE545B9ED9DC57AD1B31C229E2C11C00B5
                                                                                                                                                                                                                                                                                                                                  SHA-512:3ECC0FE3107370CB5EF5003B5317E4EA0D78BD122D662525EC4912DC30B8A1849C4FA2BBB76E6552B571F156D616456724AEE6CD9495AE60A7CB4AAA6CF22159
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....8V...........!......... ........... ........@.. .......................@............@.....................................W............................ ......X................................................ ............... ..H............text...4.... ...................... ..`.rsrc...............................@..@.reloc....... ......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Editor.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):835584
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.8267693764214945
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:vC84TFHhCRR87er17m62l/YpMVuRWGoN0ty6B:vC9T+R87er325wMVuRaGtPB
                                                                                                                                                                                                                                                                                                                                  MD5:EAA268802C633F27FCFC90FD0F986E10
                                                                                                                                                                                                                                                                                                                                  SHA1:21F3A19D6958BCFE9209DF40C4FD8E7C4CE7A76F
                                                                                                                                                                                                                                                                                                                                  SHA-256:FE26C7E4723BF81124CDCFD5211B70F5E348250AE74B6C0ABC326F1084EC3D54
                                                                                                                                                                                                                                                                                                                                  SHA-512:C0D6559FC482350C4ED5C5A9A0C0C58EEC0A1371F5A254C20AE85521F5CEC4C917596BC2EC538C665C3AA8E7EE7B2D3D322B3601D69B605914280FF38315BB47
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....8V...........!......... .......... ........@.. ...................................@.....................................K.................................................................................... ............... ..H............text....... ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Syntax.Parsers.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1196032
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.697795751444429
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:DDsAkHPWoMvThdMlLQtRZfScxaHrlXnp55VAWvRY02OCo6+shEd2qxrGa:DDs7uounM5WSNAG2otTh
                                                                                                                                                                                                                                                                                                                                  MD5:9FE6E9CFEDB661C61A2C70FA75008EC3
                                                                                                                                                                                                                                                                                                                                  SHA1:0F6A0F4E7FC5552088D3F2DD0C0ADF6F6C45B686
                                                                                                                                                                                                                                                                                                                                  SHA-256:ACFF23204982780D844F5B0CBFE0BF1849C1DFE782CB4084BA2BDC9BF53F026C
                                                                                                                                                                                                                                                                                                                                  SHA-512:A8864EE43628F667D6E0ACF071FBBA414FF768FE9DD302E6F9498432B3CE48A22DEECFE438099A3CAA684AD8E9588FAE111DE752C37C158EEBD76E48AB67E02D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....8V...........!......... ......./... ...@....@.. ..............................].....@.....................................W....@.......................`......@................................................ ............... ..H............text...$.... ...................... ..`.rsrc........@....... ..............@..@.reloc.......`.......0..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\QWhale.Syntax.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):233472
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.650842692777023
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:Ns/3b/8FpHf3kBFcCsbfqai2/8Fjitdmus95jMRrgk+vWZYz39dHiB796k9gR5+r:NQLa/kBFcCsbfRgzM07XGk+V
                                                                                                                                                                                                                                                                                                                                  MD5:3BE64186E6E8AD19DC3559EE3C307070
                                                                                                                                                                                                                                                                                                                                  SHA1:2F9E70E04189F6C736A3B9D0642F46208C60380A
                                                                                                                                                                                                                                                                                                                                  SHA-256:79A2C829DE00E56D75EEB81CD97B04EAE96BC41D6A2DBDC0CA4E7E0B454B1B7C
                                                                                                                                                                                                                                                                                                                                  SHA-512:7D0E657B3A1C23D13D1A7E7D1B95B4D9280CB08A0ACA641FEB9A89E6B8F0C8760499D63E240FE9C62022790A4822BF4FE2C9D9B19B12BD7F0451454BE471FF78
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....8V...........!.....`... ......>w... ........@.. ....................................@..................................v..W...................................hv............................................... ............... ..H............text...DW... ...`.................. ..`.rsrc................p..............@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\RulesTab2.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):36176
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.117463506192713
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:PNoBcMh+986ePoa/xfxNqxf1mlZxf9K6J:P++9nBa5fxSfInf9
                                                                                                                                                                                                                                                                                                                                  MD5:6A4C918DAD807E7E8B0E9CC75937377E
                                                                                                                                                                                                                                                                                                                                  SHA1:C25ACDF8C206D4B70981A94B4074B4FE5B3ADCFD
                                                                                                                                                                                                                                                                                                                                  SHA-256:FAA5995DCCD9ACB0C6805E5B6F1C529D151A35D6C881447D64A75DF84BCC06D2
                                                                                                                                                                                                                                                                                                                                  SHA-512:946D1ECCC616121625A91A008EA400891F773D3220B8C8B4DA5597EC4E8FCBA90641A07D16304BA69C03F148C6D2EF7EE247155B4C21559A4ED630B66EFEA437
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.........." ..0..`...........~... ........... ...............................;....`.................................t~..O.......<............j..P#..........<}............................................... ............... ..H............text....^... ...`.................. ..`.rsrc...<............b..............@..@.reloc...............h..............@..B.................~......H........<...:...........v..H.............................................(....*.0...........{....,.*(....{.....{....o.....{....o.....s....}....~.....{....o....o.....T.{.....{....o....o....~....s....o.....{....{.....{....{....o....o....~....s....o.....{....o.....{....o.....{.....o....~....,.~...........s....o ...~...........s!...o"...+.r...pro..p(#...&.{.....o$...*..0...........r...ps%...}.....{.....o&....s'...}.....{.... ......s(...o)....{....(*...o+....{....r...p".. As,...o

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\SampleRules.cs

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):24205
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.820052706771108
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:/HpPa8Y59pOJ6vClGRhLYTOdyB0kHKdbKAzUaN5lXDmxpl9XB3KLTHIJLerD+xFc:/pPYvCA8fJDdHtVYOm
                                                                                                                                                                                                                                                                                                                                  MD5:805FAB2323135D4CA11FD855AE509F1E
                                                                                                                                                                                                                                                                                                                                  SHA1:E9807A47E2E7FB69AC39544414C03B5EC549B8F8
                                                                                                                                                                                                                                                                                                                                  SHA-256:F2420514316F503089865CBDC2B3DA6F0CFD7CF7EFDCA46677A6CDF7B327697D
                                                                                                                                                                                                                                                                                                                                  SHA-512:0B2E40E0D1119C27CC79F70A04BA6EDA255D0C3E6908B061D354DBB9411B50126890DF42E873872829A8B6AD7E922780E92DDE130B9CF07F34971D61D31BFE45
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:using System;..using Fiddler;..using System.Text;..using System.Windows.Forms;..using System.Collections;..using System.Collections.Generic;....// INTRODUCTION..// This is the FiddlerScript Rules file, which creates some of the menu commands and..// other features of Fiddler. You can edit this file to modify or add new commands...//..// NOTE: This is the C# version of the script, which can be used on Windows and Mono,..// unlike the JScript.NET script, which can be used only on Windows. In order to use..// a JScript.NET script on Mono, you must rewrite it in C#...//..// The original version of this file is named SampleRules.cs and it is in the..// \Fiddler\ app folder. When Fiddler first starts, it creates a copy named..// CustomRules.cs inside your \Documents\Fiddler2\Scripts folder. If you make a ..// mistake in editing this file, simply delete the CustomRules.cs file and restart..// Fiddler. A fresh copy of the default rules will be created from the original..// sample rules file...

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\SampleRules.js

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):22528
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.048901021011334
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:M8hsqImy1MTb0LB1GeagkQqzzzgWGZIVW0Gdcen9CpNlPdhr3f8nYny7+zjW6CXp:MI0gg2zWia9SVnyqOZ
                                                                                                                                                                                                                                                                                                                                  MD5:CB7BF8B2D0E15C0ECC290A242B9F743A
                                                                                                                                                                                                                                                                                                                                  SHA1:F1215262C0729DC6700FD5158EF6E437E64A4821
                                                                                                                                                                                                                                                                                                                                  SHA-256:69CC5397E0FA9F99A0D21476DA21147631A213F9F15652F8F182F34025ABB500
                                                                                                                                                                                                                                                                                                                                  SHA-512:49202347079E366477BA67372B086F5064B108C0C40AA52DFD833DEE821B87CC37D9929D5DA4FEFDD62A824EBF34C161107F08EA7B33D866D21C266CE99972FE
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:.import System;..import System.Windows.Forms;..import Fiddler;....// INTRODUCTION..//..// Well, hello there!..//..// Don't be scared! :-)..//..// This is the FiddlerScript Rules file, which creates some of the menu commands and..// other features of Progress Telerik Fiddler Classic. You can edit this file to modify or add new commands...//..// The original version of this file is named SampleRules.js and it is in the..// \Program Files\Fiddler\ folder. When Fiddler Classic first runs, it creates a copy named..// CustomRules.js inside your \Documents\Fiddler2\Scripts folder. If you make a ..// mistake in editing this file, simply delete the CustomRules.js file and restart..// Fiddler Classic. A fresh copy of the default rules will be created from the original..// sample rules file.....// The best way to edit this file is to install the FiddlerScript Editor, part of..// the free SyntaxEditing addons. Get it here: http://fiddler2.com/r/?SYNTAXVIEWINSTALL....// GLOBALIZATION NOTE: Save t

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\SimpleFilter.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):139600
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.9042579366418115
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:LZNNChh9B+OJy6kGDoK6zOtXJuJCy6zqgqklA53eD5ARZDWaOrMz0k7CDeqysHOu:LZNN6+OJy6kGDoK6zOtXJuJCy6zhqklc
                                                                                                                                                                                                                                                                                                                                  MD5:01A0B4A938E6A2F01A760F7944E0F21B
                                                                                                                                                                                                                                                                                                                                  SHA1:3B026A4BEDF5ADEB2260915A5EB540D468CF3530
                                                                                                                                                                                                                                                                                                                                  SHA-256:B8B8DC59A51ABE237F563E61AA870C695BC02D3374FDE88E75C78E04767FEE59
                                                                                                                                                                                                                                                                                                                                  SHA-512:B7315A3245F7DDBBCBE93EA3CB5DCD56E1153E7A763519DE5347B60AD7045F8C894EB5B6CDF9186464C92DDE62AF0B5A8A18F909B1A3BAD7096223FECE75D9D7
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.........." ..0.............>.... ... ....... .......................`............`.....................................O.... ..H...............P#...@....................................................... ............... ..H............text...`.... ...................... ..`.rsrc...H.... ......................@..@.reloc.......@......................@..B................ .......H...........T................>...........................................0..4.......r...ps.............s....o....(....{....o.....o....&*.0..T.......~....r5..prK..p.o....s......(....o.....2Xo.....(....o ....2Xo!....{.....o"....o#...*.0..;........{....o$....+...(%...o&.....('...-...........o(......}....*..........%......J.s)...}.....(*...*6.(+....(....*....0..8.........o,...ru..po-...-..o,...~....o-...-...%.o/....+..o/...*.0..(........o,...ru..po0...t......,...i./.*..(....*.0..

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\SimpleFilter.pdb

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MSVC program database ver 7.00, 512*311 bytes
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):159232
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.136185964800421
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:SLJtXaPf0NoEi+zjJXmpYCL16PQJP5YFwRsCQ2tL8fuWdfW6IwAvs:SLSUNiUVsfYIim+CFL8fbdJI3
                                                                                                                                                                                                                                                                                                                                  MD5:92F1037CD875460F304A7564C33B370B
                                                                                                                                                                                                                                                                                                                                  SHA1:BACAB8E643D92C4701260F93A93FA94952B1890E
                                                                                                                                                                                                                                                                                                                                  SHA-256:BBF529B21B967B6766CE8F2F3EE5B7DCC7B15DBA7444E196D5F29E7D9B3B9E97
                                                                                                                                                                                                                                                                                                                                  SHA-512:59B7D7E001FF12E70839DE00841F47E75429FC8F1DF490FF71FF458980AFA9A9936CE52CA1BA67607114FB76ECA0550897D449DDD0E8AD2F408D382883B9B3EE
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Microsoft C/C++ MSF 7.00...DS...........7...........6...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\Timeline.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):40272
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.14632372254344
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:zE8uqoL19VqLPLyYh/9L5zOBRz6e4NPTiOuxk/Smqxf1mlZxf4K:2VqLPLyYh95GzyiOuxSSbfInf4
                                                                                                                                                                                                                                                                                                                                  MD5:7AFA2FA521C70AF44C147A423783EEF1
                                                                                                                                                                                                                                                                                                                                  SHA1:30B09B0956961300AD6474D2E9AF4365935B5BCC
                                                                                                                                                                                                                                                                                                                                  SHA-256:8A9D4FA0C9FDFA5680C812FB79BC79F6BEF9285CC7BCCF1FAD2BB1BAD09E5271
                                                                                                                                                                                                                                                                                                                                  SHA-512:490BACCD6D08EFDFF67C3A7B6AA3D60757EE4EE0E412ED693F0B7ACE93FCCC441D4C7E744926A97B24C25FF0E7A9DB4150CB94970706B26A2F952F2CDB091B2E
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.........." ..0..p.............. ........... ....................................`.....................................O.......(............z..P#..........P................................................ ............... ..H............text....n... ...p.................. ..`.rsrc...(............r..............@..@.reloc...............x..............@..B........................H........U...6...........................................................0..R......................................... .........(.........(......... ................*...0..'........u......-.r...ps....z.|.....{....(....*..(....*..0..n........~....}%....~....}&.... ....}'....(.....r]..p"...@s....} ....r]..p".. A.s....}!....(....rk..p.{'...o....}'...*...0..I........r...ps....}.....{......o....(....{....o.....{....o ..........s!...("...*"..}....*...0..J........o#... ....3<.(....,

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\Timeline.pdb

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MSVC program database ver 7.00, 512*79 bytes
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):40448
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.5898173584399893
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:lz4RN/pYENw2WU576+k2g1K1Kz3Z3I44JLJbanBg+ekK2:lz4RN/pC2Thk2g1L35WLJiK
                                                                                                                                                                                                                                                                                                                                  MD5:E4C404FECE83528A5B6EE4D9F925DB5A
                                                                                                                                                                                                                                                                                                                                  SHA1:252128ADAB2610B0CD13F2EA84F74E28D7F3801F
                                                                                                                                                                                                                                                                                                                                  SHA-256:D48C3DDB8451C9A077A6BFE8CAB99AA2FD72F3E241C99B0DED333D648BCFD831
                                                                                                                                                                                                                                                                                                                                  SHA-512:4D5EACA60F88C5FFF63F3EE7867B88AE38105657CA3E6B09D2AF2BB04B4F0FDAE77B0A13C928FAC5EBE804A6C6D6CA191B9733D9D81155796C5E46E7BE8BFAF4
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Microsoft C/C++ MSF 7.00...DS...........O...........N...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\netstandard.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):98616
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.627990537858435
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:Q2Ec05j4eAH64rh5fSt5T9nFcI94WiVQTjpu:nlK4eA7mDmWqQXpu
                                                                                                                                                                                                                                                                                                                                  MD5:0ADF6F32F4D14F9B0BE9AA94F7EFB279
                                                                                                                                                                                                                                                                                                                                  SHA1:68E1AF02CDDD57B5581708984C2B4A35074982A3
                                                                                                                                                                                                                                                                                                                                  SHA-256:8BE4A2270F8B2BEA40F33F79869FDCCA34E07BB764E63B81DED49D90D2B720DD
                                                                                                                                                                                                                                                                                                                                  SHA-512:F81AC2895048333AC50E550D2B03E90003865F18058CE4A1DFBA9455A5BDA2485A2D31B0FDC77F6CBDFB1BB2E32D9F8AB81B3201D96D56E060E4A440719502D6
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Yara Hits:
                                                                                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_GenericDownloader_1, Description: Yara detected Generic Downloader, Source: C:\Users\user\AppData\Local\Programs\Fiddler\Scripts\netstandard.dll, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...M..Z.........." ..0..8...........U... ...`....... ..............................v.....@..................................U..O....`..,............B..8?........................................................... ............... ..H............text....6... ...8.................. ..`.rsrc...,....`.......:..............@..@.reloc...............@..............@..B.................U......H.......P ...4..................,U......................................BSJB............v4.0.30319......l...|...#~.....d...#Strings....L3......#US.T3......#GUID...d3..x...#Blob......................3................................q.....2B........e$.M...,.M.....M...4.M...1.M...1.M..v..M...*.M...*.M....p...........................!.....).....1.....9.....A.....I.................................#.......+.......3.......;.J.....C.f.....K.f...................2.....................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):19280
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.308710062943988
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:OjgQl6Tk+JUEt/aSowaHJVixUhl/iqjdAA1m5wMPhzmuf1KNyn:OjHsk+JxaSqixC/iqxf1mlZxf1KE
                                                                                                                                                                                                                                                                                                                                  MD5:1289DC21A51FB89E685FA4C91764C00E
                                                                                                                                                                                                                                                                                                                                  SHA1:B24210C4E71ACE272A1984E171D50380687F73FE
                                                                                                                                                                                                                                                                                                                                  SHA-256:3E6F9A8B9DBD8ADB521CE02A1C34E20350B3DF438DEB5BC4ADA33C8CCA6D25B9
                                                                                                                                                                                                                                                                                                                                  SHA-512:9CF63F042197470E622B97BF11845722C6338E69F08932B2F11ECA576162235FF82C2DEF13BF42CEA4C3B583EBD0342CA10CA6E5F2A3C53E4A6DB5AE7006A0F2
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.........."...0..............:... ...@....@.. ..............................J.....`.................................X:..O....@...............(..P#...`...... 9............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`.......&..............@..B.................:......H.......D$...............................................................0..Z.......r...p.....r...p~....r5..p(.........rQ..p~....r@..p(.........ry..p....(....r...p(.........*...0..t.........,....r...p(....,.~....(.....*.(......(.....,..*.....(......r...p.o....,...(....`.+..r...p.o....,...(....`..(.....*.0............i...-.(....~....o.....*.......r...p.o....-..r...p.o....+..-.(....r...p.(....o......`..(......(....-.(....r...p.(....o......`..*....0..]........(....,..*..(....-..

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Telerik.NetworkConnections.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):35464
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.453233280342992
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:GfDHRLnD0jEGs7UUe7DZXKNT8NTcYfKal:SHZgZ6F8Fctal
                                                                                                                                                                                                                                                                                                                                  MD5:798D6938CEAB9271CDC532C0943E19DC
                                                                                                                                                                                                                                                                                                                                  SHA1:5F86B4CD45D2F1FFAE1153683CE50BC1FB0CD2E3
                                                                                                                                                                                                                                                                                                                                  SHA-256:FB90B6E76FDC617EC4EBF3544DA668B1F6B06C1DEBDBA369641C3950CAB73DD2
                                                                                                                                                                                                                                                                                                                                  SHA-512:644FDE362F032E6E479750696F62E535F3E712540840C4CA27E10BDFB79B2E5277C82A6D8F55F678E223E45F883776E7F39264C234BC6062FC1865AF088C0C31
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 2%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....X.].........." ..0..L..........>j... ........... ..............................o.....@..................................i..O....................V...4...........h............................................... ............... ..H............text...DJ... ...L.................. ..`.rsrc................N..............@..@.reloc...............T..............@..B................ j......H...........`9..................4h......................................b.( .....r...p(...+}....*....0............o.......(.....*....................0..)........{.........(!...t......|......(...+...3.*....0..)........{.........(#...t......|......(...+...3.*..{....*...3..*.,..($....o$...(%...,..*.(.....o....(....*6..u....(....*F.(....(...+(O...*:..o.....(&...*N.{....%-.&*..o'...*.*..( .....r...p(L...o(...}......r'..p(L...o(...}....*..{....*..{....*...3..*.-..*.(.....o....()...

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Tools\Brotli.exe

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):749771
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.0532628201503185
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:I3H2D06ndyrxxCP9myHMfAHhlyVM1o/5XTw05nmZfRR8cdMnXFb:GH2D06ndM2Vmy2AOKAmZfR2cdMnXFb
                                                                                                                                                                                                                                                                                                                                  MD5:E57E9ADB99414CF052CD9C90205BFE3D
                                                                                                                                                                                                                                                                                                                                  SHA1:5765B48637395C48AC839BB31C0842E90EAFFD90
                                                                                                                                                                                                                                                                                                                                  SHA-256:BDF333EBAD3C91E5280755C07AB6EB4E8FFD4463F96617F33C25F66EF82B341F
                                                                                                                                                                                                                                                                                                                                  SHA-512:2F1A75DE7B49BC150DEAA28C99B9C970C02E1D562598097E64E5128613DC79DCFBA2A6F9D948FDA9DBF5C5363C842FA7C5DADE51475751DE91A005683DA3B9AC
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....$X..................................... ....@..........................`................ ..............................0..0............................................................P.......................1..D............................text...$...........................`.P`.data...,.... ......................@.0..rdata..p....0......................@.`@.eh_fram.E.......F..................@.0@.bss....4.... ........................`..idata..0....0......................@.0..CRT.........@......................@.0..tls.... ....P......................@.0.................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Tools\JXR2PNG.exe

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):14296
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.2892904031397325
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:62ma8AyahFW1zxM7x0tbKktMhDWpHeLWwsU7K6CY1PK:wAHhFW1gzzDGNMK6j
                                                                                                                                                                                                                                                                                                                                  MD5:1BA9AD64054A370E87D4F50B8C66572D
                                                                                                                                                                                                                                                                                                                                  SHA1:C78EB09DB64F8414274AEF95C5133095FD35A776
                                                                                                                                                                                                                                                                                                                                  SHA-256:B210D589290A6364A9E303C2F72831C9F6A303B73F898E9AE4AEC961E61DF875
                                                                                                                                                                                                                                                                                                                                  SHA-512:7DC88886C6D67251546301C6064FD0465A29AA7D1709D979590B004E7433AF5BF78E0210CB93D9B919B55EE079A1AF4481101375DE9F752B0348904A04B6A312
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....T.............................-... ...@....@.. ...............................N....@..................................,..S....@.......................`.......+............................................... ............... ..H............text...$.... ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B.................-......H.......h!..(............................................................0..M.......s......o......s....o.....o......s.....s.......o.....o.....(....o......o.....*....0............i./.r...p(.....*.....(....-.(.....(.......i.1.....+..r...p( .....(....-.(.....(......(!...-.r...p.("......)..(....,........r...p.o#...( ...($......*.*........j|..#.....(%...*BSJB............v2.0.50727......l.......#~..l...(...#Strings........4...#US.........#GUID.......P...#Blob...........G.........%3

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Tools\JXR2PNG.exe.config

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):279
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.874729609699232
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6:TMVBd1II5KNZk2ygAyONw5KqfVKNC7VrfC7VNQlcXuAW4QIm:TMHdGzNZoE0w0OVO+Qr93xm
                                                                                                                                                                                                                                                                                                                                  MD5:F7CEF9EF7B7B0D5D17E496A0AA5EF753
                                                                                                                                                                                                                                                                                                                                  SHA1:26605124011AE156EE2687B7973F95C1862F6106
                                                                                                                                                                                                                                                                                                                                  SHA-256:EAAEBA1A6B05A4091D7271DA8B8A7BD0C3F39B73968C50287267A78D60E0FDD2
                                                                                                                                                                                                                                                                                                                                  SHA-512:76B0FAE88A24B1ED5A5B03DB672CF2D3B0B44DC515ECA5EE0AA631C7D30DC825BB964017DDE131BE72424EE958311AC346047D8EBF20B7E2BD65125AC5E86C0B
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <runtime>.. <generatePublisherEvidence enabled="false"/>.. </runtime>.. <startup>.. <supportedRuntime version="v4.0" />.. <supportedRuntime version="v2.0.50727" sku="Client"/>.. </startup>..</configuration>..

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Tools\PngDistill.exe

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):48464
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.552325581894293
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:mkIVnY1pWyMxzph6akvWGTF0U0QwvI1KmwHxVLqxf1mlZxfCKGk:mLnYTspdkv5Z6vi9wHxVcfInfC
                                                                                                                                                                                                                                                                                                                                  MD5:5F00E0805FA4FC3D4733EEA45BFF9C22
                                                                                                                                                                                                                                                                                                                                  SHA1:6FEEDDFEBBE5AB383AB63FCAA10A717DF245B859
                                                                                                                                                                                                                                                                                                                                  SHA-256:7B0BDE33277F882FD41C178A85ED403A6AA0EE6479E23FDFB68132EA4B88D98F
                                                                                                                                                                                                                                                                                                                                  SHA-512:3540F2314337CB53344740B2452A0E1DC4DDD2BA846BCD7237E61C637A5904DA8B7B21424484D0D413AF681A1E2B5A1746F228C3240C7808607C82401B49D081
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.........."...0..H...P.......f... ........@.. ..............................T*....`..................................f..O.......,L..............P#..........Le............................................... ............... ..H............text....G... ...H.................. ..`.rsrc...,L.......N...J..............@..@.reloc..............................@..B.................f......H....... 6..,/...........................................................0...........,...-.......*....i.1....._.3.... ....Z...X..]-.......i.Ys......is......s..... .............+......o.........io....%...0....,..o......o....*......N.-{.......0..7.........i...i.....i.Y./..*..3..*...X...%.X........X.....Y1..*..0...........(.....~......(.......<....r...p(....(.....*......%.....(........X(.......X1$rI..p..&...(....~.......X(.....8..........%.....(........X(......./.r...p..&...(...

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Tools\PngDistill.pdb

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MSVC program database ver 7.00, 512*51 bytes
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):26112
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.1170502072682305
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:RMAPNAPAAPOKZ6wKpuCYbIHYTr9dYLWAyy3UOx9T8xweKOCBz31UO4eC5acXNwwu:Rzm/siIAYWAyy3UOx906r1QCXm
                                                                                                                                                                                                                                                                                                                                  MD5:7A8D6240EE2CBD87B652EF8EA0965874
                                                                                                                                                                                                                                                                                                                                  SHA1:97DFD509159C65799B8B574B81100C571D59EF0B
                                                                                                                                                                                                                                                                                                                                  SHA-256:C4E03D5A502E451C3A87B2855D94EDD73EE01E88BE41AF15CC98EE52CECA7EA5
                                                                                                                                                                                                                                                                                                                                  SHA-512:2D76DCE385A4B7C89BB415167FE6CF8ABC6FB5BC3EB3DD40E40B5FAD7E952D6C581843D58573643BE99BD88A99F2FF898B4C0F0A8942E17728D051FA5105B58A
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Microsoft C/C++ MSF 7.00...DS...........3...........2...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Tools\Zopfli.exe

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):166232
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.613517009682869
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:WQBil5nSdPza27aZK4zFD6bLIuEke1KsXL4PoYmopuJQ74PoXh:WQAlUdL3mF+LIWC5kd7f
                                                                                                                                                                                                                                                                                                                                  MD5:9C8CC053CE3163BDC94258DF6FAC1419
                                                                                                                                                                                                                                                                                                                                  SHA1:98ADC48ACA53CA5C6C90B9AA3DFBB60DB57FCE76
                                                                                                                                                                                                                                                                                                                                  SHA-256:FF6B47EE6165F4E10D450C96C1875D932B8E7FE788D0F53E615F2F25558DB06B
                                                                                                                                                                                                                                                                                                                                  SHA-512:099A6ACAEC501462702A33EE9A2C2A7B5E2BB91B7BB77E4E762E50166BC4AF3EA8CDE675289ED7769981627664D7161FD4E1F7EB711B91A57B6FCC550B338077
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........>R.._<.._<.._<._..._<._..m_<._..._<...?.._<...9.._<...8.._<..'..._<.._=.._<...1.._<....._<.._..._<...>.._<.Rich._<.........................PE..L.....VW.............................o............@.......................................@.................................\>..<.......8............V..X3..............T............................ ..@............... ............................text.............................. ..`.rdata.............................@..@.data...0....P.......0..............@....gfids.......p.......:..............@..@.rsrc...8............<..............@..@.reloc...............B..............@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\Tools\dwebp.exe

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):232448
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.736426607587925
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:quomVW49bB0zguJ25uPpHbbaa3TlO78fn0HZ3mHWqnaSBuPJ31T6+/zdqH:qunZb78f0wHWqD+Z1
                                                                                                                                                                                                                                                                                                                                  MD5:20E8776B40C1AE01526DF9D629A8976B
                                                                                                                                                                                                                                                                                                                                  SHA1:34045F876B75B178C706E7D2B5CFC7DB636835C0
                                                                                                                                                                                                                                                                                                                                  SHA-256:7230212A8242F90A518B5282717CCE125C06599D52274547657491C848334867
                                                                                                                                                                                                                                                                                                                                  SHA-512:97F9EE3DA84851668B12449F003B9C7CFC03CFBC7D8F77FF549DD8817DE357BD292C9DEFEEF094BC91CCF2210B47DEBDD249FA4BA7A2A5CFAD2E6237B2EB9380
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......b..#&..p&..p&..p8.lp...p8.}p8..p/.lp'..p/.{p!..p&..pM..p8.kp...p8.yp'..pRich&..p........................PE..L......R.........."...............................@.......................... ............@..................................[..P...............................H....................................U..@...............x............................text...T........................... ..`.rdata...d.......f..................@..@.data....s...p.......T..............@....rsrc................l..............@..@.reloc...............n..............@..B................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\TrustCert.exe

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):22864
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.42481430291945
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:/cfsypmstjY1ixjRqjdAA1m5wMPhzmufgKNy+:uE6jYsxVqxf1mlZxfgK
                                                                                                                                                                                                                                                                                                                                  MD5:AB2A6C23CC3816F9B413E740C6F6F89C
                                                                                                                                                                                                                                                                                                                                  SHA1:E2B30D0F23712BC7B9D84192ACA7DF7B370BB5B5
                                                                                                                                                                                                                                                                                                                                  SHA-256:D4E5C5ECA68451028803D134B5FAF637AC966AC6AF72D471DCB857ABC81CC086
                                                                                                                                                                                                                                                                                                                                  SHA-512:C20E0A9D3010132410C95EFC9AE30044BCB5A769DF15408D2D61200ACCC05D22B05261644F7C4A00FDB99D808D1225CAEE0CB9A9C2DE4CE868456B56529432A9
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.........."...0..............8... ...@....@.. ....................................`.................................48..O....@...............6..P#...`.......6............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`.......4..............@..B................h8......H........#..D............................................................0..$.........s.......o.....o.......o.....o....*.0...........-..*.,R.r...p.-.r...p+.r...p.-.r...p+.r...p.o....o....r...pr...po....(....r...p.(.......*...s.......o.....,...o....+...o.......o........+..o....r0..p(....&rR..p.o....(....(.........*.......j...........[./..+.....0..........( .....i./.r...pr]..p(....&.*...(.................(!................(!...,T.-..+........(........o"..../+r...p.-.r...p+.r...

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\TrustCert.pdb

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MSVC program database ver 7.00, 512*35 bytes
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):17920
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):2.2551987958150885
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:nfMAPZFAPAAPrTFBzR3tfxWtEf4zVZ31SFz97DhN:fzs/nfg3k
                                                                                                                                                                                                                                                                                                                                  MD5:1499F156B39FD3CFA072A994E226FF74
                                                                                                                                                                                                                                                                                                                                  SHA1:D1712686D990DC218A75829D2F7B2B03D0443932
                                                                                                                                                                                                                                                                                                                                  SHA-256:46DEDEC6804BDB2D044CD12F660A3A50B92EF354FBAE300F6E78D6BC8A282596
                                                                                                                                                                                                                                                                                                                                  SHA-512:8A7EE1A2E1F9C5A5715D539DE4EBC402DB0C4310572BD9B69E32216F8F4C547456203CB1BAF7C5E2FFF3A366F2F3F5D62CCDA7935E1CA1AAA53F8B3EFFAC7739
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Microsoft C/C++ MSF 7.00...DS...........#........... ...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\credits.txt

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ISO-8859 text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):2952
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.171880854375289
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:48:1x62jjbSHhot5YZLblQuDuyPc+E4ja9OOrYJCrYJzbdopPD0432sOys3Etm13c6j:142PeHhobYZLblQuDuyEkjawOrYJCrYp
                                                                                                                                                                                                                                                                                                                                  MD5:622517E6D7A15A9950C8BE105F25039C
                                                                                                                                                                                                                                                                                                                                  SHA1:EF98484F96BBC6440D9515D6F1048DC62A8E961F
                                                                                                                                                                                                                                                                                                                                  SHA-256:0B63B836496CE758C4A84B175EAC7DB0A0DBB1104DAC33D1F97A71703E5146C6
                                                                                                                                                                                                                                                                                                                                  SHA-512:039870CC4AA92931BCD4C002669E129BAB004A0C311654551B802A1EC35BB20AF007437DCC7752459D1DF7C6168233F9AAE413AAC18D61A1996F79D2995567B8
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Find the online version of this document here: https://fiddler2.com/r/?credits....Fiddler depends on the work of a number of other companies and individuals:....Some of Fiddler's icons were generously provided by the FatCow.com free icon set, licensed under Creative Commons. http://www.fatcow.com/free-icons..Fiddler is installed using the excellent freeware NSIS Installer. http://nsis.sourceforge.net/Main_Page ..Fiddler's HexView inspector uses an early fork of what is now the HexEditor control http://sourceforge.net/projects/hexbox/ Copyright (c) 2011 Bernhard Elbl - Licensed under the MIT License. http://www.opensource.org/licenses/mit-license.php..Fiddler's JSON parsing support is based on a sample Copyright (c)2008 Patrick van Bergen - Licensed under the MIT License...Fiddler's JavaScript formatting code is based on a sample .2012 Jonathan Wood - Licensed under the Microsoft Public License. http://www.microsoft.com/opensource/licenses.mspx..Fiddler uses the DotNetZip NuGet package

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\license.txt

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ISO-8859 text, with very long lines (1954), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):5041
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.5341491364928475
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:96:z220PCCe4nnikZsB1d/+DYw6Roh5RY4uYNoizT:zZmvPnnikyB1dmR6ezRYzKTT
                                                                                                                                                                                                                                                                                                                                  MD5:DA2C3104A5797F34948F766C8BACBC28
                                                                                                                                                                                                                                                                                                                                  SHA1:1C5AA77277B7178ABE2FA0938C78FB64682497CA
                                                                                                                                                                                                                                                                                                                                  SHA-256:53B68DFC6F203A233364DC18C550F3DDF5FF224D922177F119EAE47B97F3D797
                                                                                                                                                                                                                                                                                                                                  SHA-512:5A997268DE9B1FBBE19B267A83B32341C8462B620DA6FB57B05D3B0AAB5E652007255BE8D1B966CB0D54F768B5EEF19FA3CCA4EDED50614E16D1A967A9BB6C31
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Progress Telerik Fiddler Classic..(Last Updated June 15, 2021)....The following terms and conditions govern the use of Progress Telerik Fiddler Classic (the "Software"). By using any of the Software and/or any updates to it, you indicate your acceptance of these terms. If you do not accept these terms, do not install or use the software.....The Software and any updates to it are provided "as is" and you bear the risk of using it. In no event shall Progress Software Corporation ("Progress"), its affiliates, or its licensors, be liable for any consequential, special, incidental or indirect damages of any kind arising out of the delivery, performance or use of the Software. The Software was written with care, but no one warrants that the Software is error-free. Your sole remedy for any failure or any form of damage caused by the Software is a full refund of the license fee we have received from you, which in all cases is $0.....On startup, the Software anonymously checks for new versions;

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\makecert.exe

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):55632
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.11762484164107
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:Mh3UWxHO1W7R//8XfpenTJ42aar/dN1Eq52:MhEWRz7Rn8PpenTJ42aUfEq52
                                                                                                                                                                                                                                                                                                                                  MD5:3DA54BD90C1A4EF9A12270102C047FC5
                                                                                                                                                                                                                                                                                                                                  SHA1:F1633906D490813514621DE980E12E4B4B9FBA0E
                                                                                                                                                                                                                                                                                                                                  SHA-256:61D76327DE227AE8F15AFBB0F99C1DF6152061855DF7B35DBD6FF7329FC1BA4D
                                                                                                                                                                                                                                                                                                                                  SHA-512:90161AA69D9B59E6A5864B61237DD00BEC121B24607BC8DCB3184159E42ECA81FDE64E68E4CAE2F8EE7E798A6051AFFCE8AF47B005883ADF23F73BEEFBA9A66D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.............A...A...A..`A...A..vA...A..fA...A...A...A..qA...A.j.A...A..aA...A..dA...ARich...A........PE..L.....[J.................r...n......._..............................................SF....@...... ..........................du...........9..............P........... ...................................@............................................text...Zq.......r.................. ..`.data...0&...........v..............@....rsrc....9.......:...|..............@..@.reloc..`...........................@..B................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\saz.ico

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MS Windows icon resource - 3 icons, 48x48, 24 bits/pixel, 32x32, 24 bits/pixel
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):11502
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.9151297452603355
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:48:uy2FX87Vo3+Qzm0atW7NZ5hwpwk+3Z4VaR2TLPv/i0S3duwR/O0YUIemJojskYt5:LUT3+Qz3aY7NfhSpwZ4VaRC60jUmOjsx
                                                                                                                                                                                                                                                                                                                                  MD5:A1D6A5FF94FEFBEF1D05BCBCED52126C
                                                                                                                                                                                                                                                                                                                                  SHA1:4E6B230E29EA4B73CA8FC6B4AB8E433BB10B97C8
                                                                                                                                                                                                                                                                                                                                  SHA-256:6D0E756D6EF91EE4A45A55857DC473CA8E4FCC2D47BB3285CB6BE9B52BF9D239
                                                                                                                                                                                                                                                                                                                                  SHA-512:45D44046B6FFBFEFD8151908B252FBB799415718108B99EFAC8E3008CF97F62E288FBFB5617AC26D85D75BFEAB7BD8A1248F69C27577CA52DBEEAB12EBB7F110
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:......00..........6... ......................h....)..(...0...`......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................yy.h...............................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Programs\Fiddler\uninst.exe

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                                                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                                                                                  Size (bytes):108840
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.289977979936597
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:IferrLkSRoe8C4UZsys0Dh1duGwwwwwwIwwwwwwwwOwwwwwwwwwwIwwwwwwwwwwy:Ifi3k+oWDBDh1duisTiuiSLnA
                                                                                                                                                                                                                                                                                                                                  MD5:F70F0AE46D973E259DB705E9123772F5
                                                                                                                                                                                                                                                                                                                                  SHA1:A2A42EFBCA46698C0CC9A5808C167DE76CEBA8BF
                                                                                                                                                                                                                                                                                                                                  SHA-256:75D0373D8B97DA054AB540855A114025F139B3F0FEA0A0D5608DB524F25F7A55
                                                                                                                                                                                                                                                                                                                                  SHA-512:2B44C6B8EEF431571B854BCF99C5E289B6610F6FCCA483D45BD576799A1CF6EF578BA71754E7578E307A85F658FCE4B5CA0C2924DC6C30CBA94FD3791E55C946
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1 ..PN..PN..PN.*_...PN..PO.JPN.*_...PN.s~..PN..VH..PN.Rich.PN.........................PE..L...l.d.................j..........25............@..................................@....@..............................................Y..............H#...........................................................................................text....h.......j.................. ..`.rdata..d............n..............@..@.data...............................@....ndata...@...P...........................rsrc....Y.......Z..................@..@................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                                                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                                                                                  Size (bytes):4558424
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.997481858980403
                                                                                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                                                                                  SSDEEP:98304:uB6cDqnTgnRkidZ7C0eNGyJW3lE4RrtRmrpIZhGuul38YR7O8sOKduG8xOvC:uRdnRkgCNGyJ/IJYR7vsOKwGYO
                                                                                                                                                                                                                                                                                                                                  MD5:5D96B95B066D797C7C468D125882DDCF
                                                                                                                                                                                                                                                                                                                                  SHA1:8A130DB5E4F6207B70939C5007D6689C22378C7D
                                                                                                                                                                                                                                                                                                                                  SHA-256:7EA1A09EEAB47EB4658938BF4A023C6231DE726AD076FDE189C3383FFB4091FE
                                                                                                                                                                                                                                                                                                                                  SHA-512:FD746263B0AAD96E90468AAC664A3F02AF20C2291E03138CF201D68036BD8CE26CC36B5FDC4E97AE5F93C65A5660DE91988E3EE7156359DE509FEA9B4308550A
                                                                                                                                                                                                                                                                                                                                  Malicious:true
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1 ..PN..PN..PN.*_...PN..PO.JPN.*_...PN.s~..PN..VH..PN.Rich.PN.........................PE..L...g.d.................h..."......E6............@..........................@......*-F...@..............................................Y...........kE.P#...........................................................................................text....f.......h.................. ..`.rdata..X............l..............@..@.data...x...........................@....ndata...@...............................rsrc....Y.......Z..................@..@................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\nsoE58F.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):15085072
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.987097816416806
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:98304:l1sfNvXsJm+5TtiTMfeJnEsRHAgxcNYeGgOx6Vo3evItfdOEBFXJfJggB+x:l1INvXsJm+VQdXJAgJeGr6VStlRt1+x
                                                                                                                                                                                                                                                                                                                                  MD5:FB6A6050A00C76E7FE4E4C35AA11CFBE
                                                                                                                                                                                                                                                                                                                                  SHA1:2F3C2AC498F9A3C6072DD9292E61481C9DA0CFEA
                                                                                                                                                                                                                                                                                                                                  SHA-256:E96AEA120DA131B4EF301F10CDB3059D210B74C6414033140ED9B5C8C985368A
                                                                                                                                                                                                                                                                                                                                  SHA-512:67AAC0FCBA097BF4646E0BB8A5054DBF50D76571E27AA7FCFA9BDB2280FDEA278D7BD3F787308620B2630030EF8FA66EA321D2656086B679609F05FD587E402C
                                                                                                                                                                                                                                                                                                                                  Malicious:true
                                                                                                                                                                                                                                                                                                                                  Yara Hits:
                                                                                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: C:\Users\user\AppData\Local\Temp\nsoE58F.tmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                  Preview:D.......,.......,.......D...............N.......D...............................................................2...........................................................................................................................................................................................H8..f...............................................................g...............................................................j...................................................................................................................................................Q:..................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\nsx8D7.tmp\System.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):12288
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.805604762622714
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr
                                                                                                                                                                                                                                                                                                                                  MD5:4ADD245D4BA34B04F213409BFE504C07
                                                                                                                                                                                                                                                                                                                                  SHA1:EF756D6581D70E87D58CC4982E3F4D18E0EA5B09
                                                                                                                                                                                                                                                                                                                                  SHA-256:9111099EFE9D5C9B391DC132B2FAF0A3851A760D4106D5368E30AC744EB42706
                                                                                                                                                                                                                                                                                                                                  SHA-512:1BD260CABE5EA3CEFBBC675162F30092AB157893510F45A1B571489E03EBB2903C55F64F89812754D3FE03C8F10012B8078D1261A7E73AC1F87C82F714BCE03D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......qr*.5.D.5.D.5.D...J.2.D.5.E.!.D.....2.D.a0t.1.D.V1n.4.D..3@.4.D.Rich5.D.........PE..L...S.d...........!....."...........*.......@...............................p............@..........................B.......@..P............................`.......................................................@..X............................text.... .......".................. ..`.rdata..c....@.......&..............@..@.data...x....P.......*..............@....reloc.......`.......,..............@..B................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler Classic.lnk

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Wed Mar 27 11:58:00 2024, mtime=Tue Apr 23 22:29:15 2024, atime=Wed Mar 27 11:58:00 2024, length=3666248, window=hide
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):2180
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.7467249963293123
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:48:8UpBlXbF2456g5eREJd+N5LKqGccGycGpZJqGMJSJmyg:8qXU45eEK7kIy
                                                                                                                                                                                                                                                                                                                                  MD5:6AA78BA86635D4EF649813D131FE3EE5
                                                                                                                                                                                                                                                                                                                                  SHA1:15227E1D1CD7F2C8C73744EEAC1937CB6C554A8A
                                                                                                                                                                                                                                                                                                                                  SHA-256:9DFC2BBB573B4058B4AC9D34F29B29B4410E21663140FB05135AE5542D0DE5A2
                                                                                                                                                                                                                                                                                                                                  SHA-512:1115A4CA8A1F91CCC2C6BDCC9E39094539C22BCC31D466D524E22C2EDF8980C2EEBBD4C445990196438F7720A395820D244ED50CFEC3FC0C5CFECD57E73408E4
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:L..................F.@.. ......eF.....|.......eF...H.7..................... .:..DG..Yr?.D..U..k0.&...&......Qg.*_...?.......u.........t...CFSF..1.....EW.=..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW.=.X............................3*N.A.p.p.D.a.t.a...B.P.1......X....Local.<......EW.=.X............................z.%.L.o.c.a.l.....Z.1......X....Programs..B......X...X......X#....................z.%.P.r.o.g.r.a.m.s.....V.1......X....Fiddler.@......X...X.......#....................*.S.F.i.d.d.l.e.r.....b.2.H.7.{X@g .Fiddler.exe.H......{X@g.X.......#........................F.i.d.d.l.e.r...e.x.e.......l...............-.......k..........."........C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe..1.....\.....\.....\.....\.....\.L.o.c.a.l.\.P.r.o.g.r.a.m.s.\.F.i.d.d.l.e.r.\.F.i.d.d.l.e.r...e.x.e.1.C.:.\.U.s.e.r.s.\.f.r.o.n.t.d.e.s.k.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.P.r.o.g.r.a.m.s.\.F.i.d.d.l.e.r.=.C.:.\.U.s.e.r.s.\.f.r.o.n.t.d.e.s.k.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.P.

                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler ScriptEditor.lnk

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Wed Mar 27 11:57:06 2024, mtime=Tue Apr 23 22:29:17 2024, atime=Wed Mar 27 11:57:06 2024, length=51200, window=hide
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):2320
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.8245452899699517
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:48:8kSF2456g5eREJd+5ltmpK2G3iBcGUcG3ikZvqG3iOJzJmyg:8w45eE0ltEBiUfPy
                                                                                                                                                                                                                                                                                                                                  MD5:D647BA401DF35D22783FB7DBAC709F39
                                                                                                                                                                                                                                                                                                                                  SHA1:B595F61BC79B668A83CA2B95F647BED358CD1DDC
                                                                                                                                                                                                                                                                                                                                  SHA-256:E5BE0F5E29F42E638CD8DC91C6AFB30AECE475BAA0A240436944246F0B104EB4
                                                                                                                                                                                                                                                                                                                                  SHA-512:F38D1AF4635F83B1EC4A7676546A807489E1553F388DCAEE2D8D474052712101DE92516AC657DCD1484B3654A3875A9FA9F96BBD7D55480F9ED306B38CEA6753
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:L..................F.@.. ....=SEF...`JD.....=SEF...........................z.:..DG..Yr?.D..U..k0.&...&......Qg.*_...?.......u.........t...CFSF..1.....EW.=..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW.=.X............................3*N.A.p.p.D.a.t.a...B.P.1......X....Local.<......EW.=.X............................z.%.L.o.c.a.l.....Z.1......X....Programs..B......X...X......X#....................z.%.P.r.o.g.r.a.m.s.....V.1......X....Fiddler.@......X...X.......#....................*.S.F.i.d.d.l.e.r.....b.1......X....SCRIPT~1..J......X...X.......S....................*.S.S.c.r.i.p.t.E.d.i.t.o.r.....Z.2.....{X#g .FSE2.exe..B......{X#g.X.......S........................F.S.E.2...e.x.e.......v...............-.......u..........."........C:\Users\user\AppData\Local\Programs\Fiddler\ScriptEditor\FSE2.exe..;.....\.....\.....\.....\.....\.L.o.c.a.l.\.P.r.o.g.r.a.m.s.\.F.i.d.d.l.e.r.\.S.c.r.i.p.t.E.d.i.t.o.r.\.F.S.E.2...e.x.e.1.C.:.\.U.s.e.r.s.\.f.r.o.n.t.d.e.s.k.\.A.p.p.D.a.

                                                                                                                                                                                                                                                                                                                                  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                                                                                  Size (bytes):366909
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.366625237240594
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:6qELG7gK+RaOOp3LCCpfmLgYI66xgFF9Sq8K6MAS2OMUHl6Gin327D22A26KgauC:zTtbmkExhMJCIpED
                                                                                                                                                                                                                                                                                                                                  MD5:A43C0A1ECE471D06C2965FAC02F5BF98
                                                                                                                                                                                                                                                                                                                                  SHA1:DE7537DEB3AD3AEEB9646943A076E37C59171AD5
                                                                                                                                                                                                                                                                                                                                  SHA-256:8557E702FC6994D9C6227431E6DCA7505DA61FB8897255B954CA90417071522D
                                                                                                                                                                                                                                                                                                                                  SHA-512:81C9B22503A6FFAB67E33FDE2D799A9AD33035796F26E20DCADF2CE44BEF5ECD56C317137CE91CE8618AC18049D268B25A598DDDC4808E26D438058DCCE20D8B
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:.To learn about increasing the verbosity of the NGen log files please see http://go.microsoft.com/fwlink/?linkid=210113..12/07/2019 14:54:22.458 [5488]: Command line: D:\wd\compilerTemp\BMT.200yuild.1bk\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe executeQueuedItems /nologo ..12/07/2019 14:54:22.473 [5488]: Executing command from offline queue: install "System.Runtime.WindowsRuntime.UI.Xaml, Version=4.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil" /NoDependencies /queue:1..12/07/2019 14:54:22.490 [5488]: Executing command from offline queue: install "System.Web.ApplicationServices, Version=4.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil" /NoDependencies /queue:3..12/07/2019 14:54:22.490 [5488]: Exclusion list entry found for System.Web.ApplicationServices, Version=4.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil; it will not be installed..12/07/2019 14:54:22.490 [

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\EnableLoopback\59a1f5e7ac4b0e905803332438ede0a4\EnableLoopback.ni.exe (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (GUI) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):164352
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.725779110557342
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:ZBMFmR7AMaMjvmKrISaR7nuHXtFbAkxI6rKcyw:ZBJN+KrkRKHXtFbAkxI6m9w
                                                                                                                                                                                                                                                                                                                                  MD5:1799EB038905DCF58A714D8A2DA5A87B
                                                                                                                                                                                                                                                                                                                                  SHA1:70B718BC232D2A60C8EF3A31AAA05F1A2C0D7FF8
                                                                                                                                                                                                                                                                                                                                  SHA-256:FD838B4C265ADECFDD197975D17027AD511E334AB79F9BBC7D06C2198D6FCF34
                                                                                                                                                                                                                                                                                                                                  SHA-512:021BB279A72D5EE3AF70FF062ADB2AB054125EBC3867E56170FC3E5CB5E8A5953CCC1F4C2F40E57B1035D451555776BC0E65E5E7CC19FE10BC6328B54948C699
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d......f.........." ............................D.........................................`.................................................................@.......................p...8..............................................................H............data...............................@....text............................... ..`.reloc...............n..............@..B....................................~5...........................................................................................................................................................................................................................................................................................................................................................i..D....................................i..D...(...........................D...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\EnableLoopback\59a1f5e7ac4b0e905803332438ede0a4\EnableLoopback.ni.exe.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) H, rows 848, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):856
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.504902301164276
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:R/3nQPftOWlhE4TE4IfE4nK41qE48gdKDE4w:R/3nQPxHTHCHnK41qHbYHw
                                                                                                                                                                                                                                                                                                                                  MD5:CB9A59C147E7EC31B40404936586A805
                                                                                                                                                                                                                                                                                                                                  SHA1:D737B13179E133CC5F93E4CDE9AB92F3C8D053D8
                                                                                                                                                                                                                                                                                                                                  SHA-256:5AB1ED81D0C380B3EE8662834AB2E71149E9A983A60627F943CBE09281BF0796
                                                                                                                                                                                                                                                                                                                                  SHA-512:237A383519839FD6EC42E2C4CD3A8D16EF56FC162E1072DB25B8E5EAB9B3F04F0688944A1349AC80820425BDAE51E634598511CF746E529F5D1797C0B2B09B1B
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....P...............H...EnableLoopback, Version=1.4.3.0, Culture=neutral, PublicKeyToken=null..........................lF...........PI......................Ow.(...@.O.4H.....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............X...System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089............+/...........H]Z...................... ..a..M...F.F......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............T...System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a..............+/...................................*.]H.a.F..Du.k+.....p.......P...System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........12f.`.i%O2..G..

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\EnableLoopback\59a1f5e7ac4b0e905803332438ede0a4\EnableLoopback.ni.exe.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) H, rows 848, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):856
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.504902301164276
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:R/3nQPftOWlhE4TE4IfE4nK41qE48gdKDE4w:R/3nQPxHTHCHnK41qHbYHw
                                                                                                                                                                                                                                                                                                                                  MD5:CB9A59C147E7EC31B40404936586A805
                                                                                                                                                                                                                                                                                                                                  SHA1:D737B13179E133CC5F93E4CDE9AB92F3C8D053D8
                                                                                                                                                                                                                                                                                                                                  SHA-256:5AB1ED81D0C380B3EE8662834AB2E71149E9A983A60627F943CBE09281BF0796
                                                                                                                                                                                                                                                                                                                                  SHA-512:237A383519839FD6EC42E2C4CD3A8D16EF56FC162E1072DB25B8E5EAB9B3F04F0688944A1349AC80820425BDAE51E634598511CF746E529F5D1797C0B2B09B1B
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....P...............H...EnableLoopback, Version=1.4.3.0, Culture=neutral, PublicKeyToken=null..........................lF...........PI......................Ow.(...@.O.4H.....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............X...System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089............+/...........H]Z...................... ..a..M...F.F......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............T...System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a..............+/...................................*.]H.a.F..Du.k+.....p.......P...System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........12f.`.i%O2..G..

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B3325a29b#\3f8d7f63514ceeaa11244b3e16a3ea5c\Microsoft.Build.Framework.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):565760
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.538643576749173
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:hGUXwpYLMFGfB2l7Ef8nhCh8Mi6E8u6EhwccvjkMis:kL7q8nxMK/6ltis
                                                                                                                                                                                                                                                                                                                                  MD5:5AD0DE1C1276D24B20274B058F24F82F
                                                                                                                                                                                                                                                                                                                                  SHA1:CCEE2D95882E4E7928558B29EADCCD6424543474
                                                                                                                                                                                                                                                                                                                                  SHA-256:FE8B24C39149ECF016FC883F2768B27DEE56100C6E79EAB0CE573B5C299281E3
                                                                                                                                                                                                                                                                                                                                  SHA-512:F4634EC83177E9CE8AE968185D35E87B3F8B2BE302ADA98A86152DD7A13DCCE0BBE3E947A36D1B3D6955455A03CC21BCC8FD6781CC1F94BC2B841F805B4AEA1F
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ...........................8D.........................................`.................................................................@,..81...........P...f..0M..8...............................................................H............data...............................@....text............................... ..`.reloc...f...P...h...:..............@..B....................................~=.......................................................................................................................................................................................................................................................................................................................................................... ..8D...d...............N.......H..8D......8D...+.......(............... q.8D...a...............).......

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B3325a29b#\3f8d7f63514ceeaa11244b3e16a3ea5c\Microsoft.Build.Framework.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) `, rows 580, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):588
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.478482263864425
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:bE3rJsGMDLI4Mehn9w/eboqU2DLI4MWh+eDLI4MWXb/SsoDLI4MWmRmr0:Y3rvEE41nw8oqhE4FfE4ndAE4AI0
                                                                                                                                                                                                                                                                                                                                  MD5:9189192AA64C6C116A9B082BE0326291
                                                                                                                                                                                                                                                                                                                                  SHA1:5263A16460FBCE295CFC2C00414E42B301D115BB
                                                                                                                                                                                                                                                                                                                                  SHA-256:9E06D7C4DB103D2D465BE73E8AA3092CE617F0DFBFC581C1E65FBCF5F01E605A
                                                                                                                                                                                                                                                                                                                                  SHA-512:339BBE43A6C168B2BB8BF8A92364AB103477D5B1F021EA2E503ED796AFDBF3082570F1D2F1991447CD87416D4778E577AC30C48111818E3C8606312C81759E16
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....D...............`...Microsoft.Build.Framework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.........................".0....................................TVX..B...S...j....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............P...System.Xaml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.............+/.....................................n&..M.....*.f

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B3325a29b#\3f8d7f63514ceeaa11244b3e16a3ea5c\Microsoft.Build.Framework.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) `, rows 580, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):588
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.478482263864425
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:bE3rJsGMDLI4Mehn9w/eboqU2DLI4MWh+eDLI4MWXb/SsoDLI4MWmRmr0:Y3rvEE41nw8oqhE4FfE4ndAE4AI0
                                                                                                                                                                                                                                                                                                                                  MD5:9189192AA64C6C116A9B082BE0326291
                                                                                                                                                                                                                                                                                                                                  SHA1:5263A16460FBCE295CFC2C00414E42B301D115BB
                                                                                                                                                                                                                                                                                                                                  SHA-256:9E06D7C4DB103D2D465BE73E8AA3092CE617F0DFBFC581C1E65FBCF5F01E605A
                                                                                                                                                                                                                                                                                                                                  SHA-512:339BBE43A6C168B2BB8BF8A92364AB103477D5B1F021EA2E503ED796AFDBF3082570F1D2F1991447CD87416D4778E577AC30C48111818E3C8606312C81759E16
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....D...............`...Microsoft.Build.Framework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.........................".0....................................TVX..B...S...j....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............P...System.Xaml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.............+/.....................................n&..M.....*.f

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B83e9cb53#\7192d8df2c3d8228b392f5912e16ebc2\Microsoft.Build.Utilities.v4.0.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1058816
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.203026143182572
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:oxXATT6aRXqpoOwlUi2XBOqZP/H5ybilaLHxCb4HJdVOSI6A+cHkT:oW6aRXMhwlUiwLvxyxCb4HJdUSIF+
                                                                                                                                                                                                                                                                                                                                  MD5:21C2A94087BC18781CC145190D7ABE44
                                                                                                                                                                                                                                                                                                                                  SHA1:408D53E9E61CADD6BC9676FC5E50D0C4DFB3606C
                                                                                                                                                                                                                                                                                                                                  SHA-256:A9B64A301B343080F13709BB24808E8CFB4E84D714E0DA38DF72E92DC7E9280A
                                                                                                                                                                                                                                                                                                                                  SHA-512:6E654E51327C1C350568A127EAA25F8D0A3D192BE77AE642566C440FADCFD10B592539D0CFA72938831B9EF4D08B480B653FC56E9A7963357A631E96A0C1DA9D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ...........................8D............................P............`.......................................................... ......t]..xQ...............i..\...8............................................................$..H............data...............................@....text....... ...................... ..`.reloc...i.......j..................@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................P..8D...{...............(..........8D...P..8D...,.......,................p.8D...................2.......

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B83e9cb53#\7192d8df2c3d8228b392f5912e16ebc2\Microsoft.Build.Utilities.v4.0.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) d, rows 880, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):888
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.546080462033695
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:VJCE4BgSqhE4N7vEE4Gw8oqfE4nidKDE4UkAE4d:VgHWnHN7vEHGwLMHnoYHPAHd
                                                                                                                                                                                                                                                                                                                                  MD5:F37B17B873048F6F385E0D952BBEF98E
                                                                                                                                                                                                                                                                                                                                  SHA1:619DDF0F53597F0C72443E73FA5A063F9EFD9C7A
                                                                                                                                                                                                                                                                                                                                  SHA-256:88EA8B0E438BBE31FC86EADF18444A9351549DA4224F1F577301FD81533097C9
                                                                                                                                                                                                                                                                                                                                  SHA-512:D071685EF81C7EBE81777641B1240A136F7A589ED7DE4C8DB888EFE0ED8C7EB30B8D829A92801CBE9F0F2683BEEFA112E7C03C8D45B112754C0E70624D1A4A5E
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....p...............d...Microsoft.Build.Utilities.v4.0, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a............................................................../.]...I..;...j.....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............`...Microsoft.Build.Framework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.............".0....................................TVX..B...S...j....l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.....p.......P...System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........12f.`.i%O2..G..............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... ...

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.B83e9cb53#\7192d8df2c3d8228b392f5912e16ebc2\Microsoft.Build.Utilities.v4.0.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) d, rows 880, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):888
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.546080462033695
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:VJCE4BgSqhE4N7vEE4Gw8oqfE4nidKDE4UkAE4d:VgHWnHN7vEHGwLMHnoYHPAHd
                                                                                                                                                                                                                                                                                                                                  MD5:F37B17B873048F6F385E0D952BBEF98E
                                                                                                                                                                                                                                                                                                                                  SHA1:619DDF0F53597F0C72443E73FA5A063F9EFD9C7A
                                                                                                                                                                                                                                                                                                                                  SHA-256:88EA8B0E438BBE31FC86EADF18444A9351549DA4224F1F577301FD81533097C9
                                                                                                                                                                                                                                                                                                                                  SHA-512:D071685EF81C7EBE81777641B1240A136F7A589ED7DE4C8DB888EFE0ED8C7EB30B8D829A92801CBE9F0F2683BEEFA112E7C03C8D45B112754C0E70624D1A4A5E
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....p...............d...Microsoft.Build.Utilities.v4.0, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a............................................................../.]...I..;...j.....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............`...Microsoft.Build.Framework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.............".0....................................TVX..B...S...j....l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.....p.......P...System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........12f.`.i%O2..G..............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... ...

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\8e9f4b8ba90f0dd7ead0f6d3724d12f0\Microsoft.JScript.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):2844160
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.62746694654847
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:49152:Kd6HVKGum20+06HDN/fPwDbEgqVUa3UFFx3x6/OwH9u6wAZj8dl6e4sK:KwHVKqsHRwDbEgqVUa3UFFx3b68l63s
                                                                                                                                                                                                                                                                                                                                  MD5:B5199F7B846A2F8DFA05CE43F61175D6
                                                                                                                                                                                                                                                                                                                                  SHA1:432DF95A7EF646CC814B1BED52938E3880B59240
                                                                                                                                                                                                                                                                                                                                  SHA-256:0EE39143B7EEA8EFD91304C0636A6535B92F50AA802F447D692C21497594720B
                                                                                                                                                                                                                                                                                                                                  SHA-512:59B9884F87AAF458BAF4B38A521B1EC812A232100C65C7898B4497ACF96A1EE200CF732E41485EFE8FFBB4B35DE3FA83D0196E684F9D6C9DB32497E5A12C3565
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ...........................<D.............................+...........`..........................................................P.......]..L.............+..n....+.8............................................................S..H............data....<.......>..................@....text.....&..P....&..@.............. ..`.reloc...n....+..p....*.............@..B....................................~=.............................................................................................................................................................................................................................................................................................................................................................<D...c...............................L..<D...-........................+.<D...o.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\8e9f4b8ba90f0dd7ead0f6d3724d12f0\Microsoft.JScript.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) X, rows 572, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):580
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.45218215817954
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:zkrfPn4Mshnu9onmOU2DLI4MWh+eDLI4MWXb/S/oDLI4MWNnr:gr34BguhE4FfE4nkAE4d
                                                                                                                                                                                                                                                                                                                                  MD5:AB6DBF5FD77B230F09422CF42E01C45C
                                                                                                                                                                                                                                                                                                                                  SHA1:47F02FE4F799F47A882C1618666EF07251E97F85
                                                                                                                                                                                                                                                                                                                                  SHA-256:2C955F26CF47A4B1283CF68A07B104771AE05F1D88C5D906B47E9B219E6475E5
                                                                                                                                                                                                                                                                                                                                  SHA-512:9EAB974CD1BF0B1F81962325E107BF44C4AEC1C7ADD496D4619AB97EE0F075CCC9187E923181DE8D8DD5626EB07D20ED7FEAB5675896C5A761DAB1604D41B84F
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....<...............X...Microsoft.JScript, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a..............................................................X..`.O...ZC.r.....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... ...

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\8e9f4b8ba90f0dd7ead0f6d3724d12f0\Microsoft.JScript.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) X, rows 572, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):580
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.45218215817954
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:zkrfPn4Mshnu9onmOU2DLI4MWh+eDLI4MWXb/S/oDLI4MWNnr:gr34BguhE4FfE4nkAE4d
                                                                                                                                                                                                                                                                                                                                  MD5:AB6DBF5FD77B230F09422CF42E01C45C
                                                                                                                                                                                                                                                                                                                                  SHA1:47F02FE4F799F47A882C1618666EF07251E97F85
                                                                                                                                                                                                                                                                                                                                  SHA-256:2C955F26CF47A4B1283CF68A07B104771AE05F1D88C5D906B47E9B219E6475E5
                                                                                                                                                                                                                                                                                                                                  SHA-512:9EAB974CD1BF0B1F81962325E107BF44C4AEC1C7ADD496D4619AB97EE0F075CCC9187E923181DE8D8DD5626EB07D20ED7FEAB5675896C5A761DAB1604D41B84F
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....<...............X...Microsoft.JScript, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a..............................................................X..`.O...ZC.r.....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... ...

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\1936f2ecbcf18cda53f04b49073cf801\SMDiagnostics.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):145920
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.949829508134219
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:8F3LDGvbhYT+DNHwx/VJ6D27dsKEeFx1wJC1:CPGSTPVJ6y7FEQxD
                                                                                                                                                                                                                                                                                                                                  MD5:489C0AE7398CA1D606CFB3DAEE939D0F
                                                                                                                                                                                                                                                                                                                                  SHA1:ABD74E700489661FD98046C8FF0201A321C900FE
                                                                                                                                                                                                                                                                                                                                  SHA-256:24B69E9DE454D8E48BE57B34ED5CB027B8F85F2EA7F20A5B10AA8C26D39F550E
                                                                                                                                                                                                                                                                                                                                  SHA-512:F6B5AFFF78E3FA9DD5B185FAEAAF38104B9F5167E032042B31C5EB5EB90125D941BAA5A9B2541F85DD15C0DF26C85D33F49A0E553F323D32639ABFEF8A9F0988
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....1.b.........." .........................., D............................P............`.............................................................D....................@..p...4>..8...........................................................P...H............data...............................@....text............................... ..`.reloc..p....@.......*..............@..B....................................~=............................................................................................................................................................................................................................................................................................................................................................. D... ........................A, D...... D...)...<...................(|, D...~.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\1936f2ecbcf18cda53f04b49073cf801\SMDiagnostics.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) T, rows 916, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):924
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.525779255840628
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:KE4JmEqhE4jKIE4nAfE4nqtTE4GHSHCaAE4d:KHJmEOHjtHaHnqtTHGHCCaAHd
                                                                                                                                                                                                                                                                                                                                  MD5:506428CAC3D2A6A6BA9F51BE8978DDCB
                                                                                                                                                                                                                                                                                                                                  SHA1:0C4A7EE9C77A8A43FAEDD5266F271BE1786D020A
                                                                                                                                                                                                                                                                                                                                  SHA-256:D85500F9666EDB65308D8D372D1C947AAA4EB9CBE5D8BDDB7E58A8A4DAA0E6D3
                                                                                                                                                                                                                                                                                                                                  SHA-512:E268B3BB9C932AF020A3D0C2FE03CC0A61535A948B21A163586ED0B7E88211DDBA96923ADDD6EB0FFA796AF24C100B07F1E5327E098215DB69302DAFBDEA9543
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....................T...SMDiagnostics, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.........................F.+/...........0.......................N8Y U..J.Zw#.3.&....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|.......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............d...System.ServiceModel.Internals, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35.............Z.+/...........0...........................zx.L.u.'. |.............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... ...

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\1936f2ecbcf18cda53f04b49073cf801\SMDiagnostics.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) T, rows 916, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):924
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.525779255840628
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:KE4JmEqhE4jKIE4nAfE4nqtTE4GHSHCaAE4d:KHJmEOHjtHaHnqtTHGHCCaAHd
                                                                                                                                                                                                                                                                                                                                  MD5:506428CAC3D2A6A6BA9F51BE8978DDCB
                                                                                                                                                                                                                                                                                                                                  SHA1:0C4A7EE9C77A8A43FAEDD5266F271BE1786D020A
                                                                                                                                                                                                                                                                                                                                  SHA-256:D85500F9666EDB65308D8D372D1C947AAA4EB9CBE5D8BDDB7E58A8A4DAA0E6D3
                                                                                                                                                                                                                                                                                                                                  SHA-512:E268B3BB9C932AF020A3D0C2FE03CC0A61535A948B21A163586ED0B7E88211DDBA96923ADDD6EB0FFA796AF24C100B07F1E5327E098215DB69302DAFBDEA9543
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....................T...SMDiagnostics, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.........................F.+/...........0.......................N8Y U..J.Zw#.3.&....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|.......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............d...System.ServiceModel.Internals, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35.............Z.+/...........0...........................zx.L.u.'. |.............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... ...

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Comp46f2b404#\70bed732cba41d298e54cc0a935a935b\System.ComponentModel.DataAnnotations.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):355840
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.03203793127972
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:497+39tmdkuUIAezxwqk8SAq+Ymsx+ULDazdfLn4FqW+oSbVd9VwASmnlPoX4NKM:Btmdkud2D+Ylx3G4EM0Vv3lPDJ2T
                                                                                                                                                                                                                                                                                                                                  MD5:BA4160844257B64DBD4D7D3BCB929A10
                                                                                                                                                                                                                                                                                                                                  SHA1:FDD6F98C2D2C98A6453BDC6E40F16DBEF1BFC581
                                                                                                                                                                                                                                                                                                                                  SHA-256:40C08A7A140991B9412118DC5B0617044F30E62951586115B675A56EAA592E70
                                                                                                                                                                                                                                                                                                                                  SHA-512:802055BD1C55AD2B714D0F1252B70A20C408E353028356330DB3A4DB99A17C941226167475FC627AD3B10093BF8202F76E2748ED7CAFA9678E75339BB1BCBBB8
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d...B>.].........." ..........................b@D.........................................`..........................................................p.......}..|#...........`...!...X..8............................................................t..H............data...X_.......`..................@....text........p.......b.............. ..`.reloc...!...`..."...L..............@..B....................................~=............................................................................................................................................................................................................................................................................................................................................................g@D...W...............................`.g@D...+.......$...............@;c@D...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Comp46f2b404#\70bed732cba41d298e54cc0a935a935b\System.ComponentModel.DataAnnotations.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) l, rows 720, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):728
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.538428224369857
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:PoT9Kt3KDLI4MG/hnhGQDFRd8U2DLI4MWh+eDLI4MWXb/C+6K9eDLI4MpgJ+7zHB:SKt6E45/Nd8hE4FfE4nAKIE4nQdKDE4w
                                                                                                                                                                                                                                                                                                                                  MD5:67186775318DBEBC0436558C971102F7
                                                                                                                                                                                                                                                                                                                                  SHA1:181AD28C938F1433FBC75E3C58B3B73364654477
                                                                                                                                                                                                                                                                                                                                  SHA-256:64273233FD6B7A71797EFF489594076B37F50353FEE5A4745390712BF68649A0
                                                                                                                                                                                                                                                                                                                                  SHA-512:8C952C1FB6B214900F55BE7ADD434002BCFD1259FE8046FC45B946C62D15BE7FA7EE8D094B0DCBBA47D94463E19BCD7BD14148F00AF2A2C547C09C8568E76425
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....................l...System.ComponentModel.DataAnnotations, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35........................../...........0.......................q\../.(H..P.Y.......l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|.......p.......P...System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........12f.`.i%O2..G..

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Comp46f2b404#\70bed732cba41d298e54cc0a935a935b\System.ComponentModel.DataAnnotations.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) l, rows 720, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):728
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.538428224369857
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:PoT9Kt3KDLI4MG/hnhGQDFRd8U2DLI4MWh+eDLI4MWXb/C+6K9eDLI4MpgJ+7zHB:SKt6E45/Nd8hE4FfE4nAKIE4nQdKDE4w
                                                                                                                                                                                                                                                                                                                                  MD5:67186775318DBEBC0436558C971102F7
                                                                                                                                                                                                                                                                                                                                  SHA1:181AD28C938F1433FBC75E3C58B3B73364654477
                                                                                                                                                                                                                                                                                                                                  SHA-256:64273233FD6B7A71797EFF489594076B37F50353FEE5A4745390712BF68649A0
                                                                                                                                                                                                                                                                                                                                  SHA-512:8C952C1FB6B214900F55BE7ADD434002BCFD1259FE8046FC45B946C62D15BE7FA7EE8D094B0DCBBA47D94463E19BCD7BD14148F00AF2A2C547C09C8568E76425
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....................l...System.ComponentModel.DataAnnotations, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35........................../...........0.......................q\../.(H..P.Y.......l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|.......p.......P...System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........12f.`.i%O2..G..

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\78d6922d3a02a93359e189f060d76f47\System.Data.SqlXml.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):3152896
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.29515288331552
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:49152:EIU0dluLBG8h0GOPNMuC+0WH7ph+7VaDzTKktX9:EtCl+RE/Ga
                                                                                                                                                                                                                                                                                                                                  MD5:4030102C5FF5DFF4B96DBFADDE92E6D7
                                                                                                                                                                                                                                                                                                                                  SHA1:38CEB414A87C65B7D9C76F931EAF671648F89D77
                                                                                                                                                                                                                                                                                                                                  SHA-256:1FF3C397F1C738A84075707B34E3A217177438055BA4A8E76E206940044B3CBC
                                                                                                                                                                                                                                                                                                                                  SHA-512:74D824227D3C591FE6B32660CBDC5016B1D664DCBFE1C9E46A179B33764C12830D7F48E40E57D178074F654CFD9BD9B5733F34C286BC217856079F044410E05E
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ...........................ED............................@0...........`..........................................................P..L.......x............ /......./.8...........................................................PT..H............data....3.......4..................@....text...G.$..P....$..6.............. ..`.reloc....... /......./.............@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................PzEED...........................P..ED....}EED...-........................F"ED...e.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\78d6922d3a02a93359e189f060d76f47\System.Data.SqlXml.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) X, rows 700, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):708
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.524147255924777
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:zk+wKDLI4MWTthnFhU2DLI4MWh+eDLI4MWXb/aH/oDLI4MWXsvyq+6K9eDLI4Mpc:g+E4ftRhE4FfE4nifAE4uKIE4nH
                                                                                                                                                                                                                                                                                                                                  MD5:3039E3D048781184B67148A421D2F7AC
                                                                                                                                                                                                                                                                                                                                  SHA1:D12F00D6F6001AE79D7C9C0EE6AAB08E2927BED2
                                                                                                                                                                                                                                                                                                                                  SHA-256:FD6F5D26392A5084024946247521BC8E33E593404CCE0FBE29B9928C18924590
                                                                                                                                                                                                                                                                                                                                  SHA-512:D19E6410C4BB89F8762B198B4A1C0E10582407D8DEAD8EE60ABB81B50DED62CB67816D9F810A7AF26D092C34D21AB7DF2043C38D035288ACDC38A18F25CEBF1F
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....................X...System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........................0...........(6.......................rwB.PA.z.$.......l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.....p.......P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089............=.U......D..l.............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|...

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\78d6922d3a02a93359e189f060d76f47\System.Data.SqlXml.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) X, rows 700, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):708
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.524147255924777
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:zk+wKDLI4MWTthnFhU2DLI4MWh+eDLI4MWXb/aH/oDLI4MWXsvyq+6K9eDLI4Mpc:g+E4ftRhE4FfE4nifAE4uKIE4nH
                                                                                                                                                                                                                                                                                                                                  MD5:3039E3D048781184B67148A421D2F7AC
                                                                                                                                                                                                                                                                                                                                  SHA1:D12F00D6F6001AE79D7C9C0EE6AAB08E2927BED2
                                                                                                                                                                                                                                                                                                                                  SHA-256:FD6F5D26392A5084024946247521BC8E33E593404CCE0FBE29B9928C18924590
                                                                                                                                                                                                                                                                                                                                  SHA-512:D19E6410C4BB89F8762B198B4A1C0E10582407D8DEAD8EE60ABB81B50DED62CB67816D9F810A7AF26D092C34D21AB7DF2043C38D035288ACDC38A18F25CEBF1F
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....................X...System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........................0...........(6.......................rwB.PA.z.$.......l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.....p.......P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089............=.U......D..l.............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|...

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data86569bbf#\058b5c6d514044e05b07d4b113045f72\System.Data.OracleClient.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1414656
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.34281516619661
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24576:BMJH+CD3P4uA8UDH8+0ObWCR6OJrDZK2a:qJH+kf4udUlcOJPZK
                                                                                                                                                                                                                                                                                                                                  MD5:DB80A71D8320703B75834F67EEDCF07B
                                                                                                                                                                                                                                                                                                                                  SHA1:C66CBADA6BC1247311B0DA7FBD1C1D1C389941DD
                                                                                                                                                                                                                                                                                                                                  SHA-256:F32885BA6CD0C7397DFD11657CF5F158B095810EC6DB169A1E2683CCB92CD832
                                                                                                                                                                                                                                                                                                                                  SHA-512:DF7AB774223DF2D9415F355C2DF25CC54ADC45FB0FCD04CCD258B4781B60F0C90268628A17A82FCB0E24B17234BB0C488279CA980B012E594140AA2C84FD43E1
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....D.].........." ......................................................................`.............................................................d...T...............`..\P...P..p...........................................................p...H............data...Pw.......x..................@....text...A............z.............. ..`.reloc..\P...`...R...D..............@..B....................................V=..........................................................................................................................................................................................................................................................................................................................................................................................................,...<...@...............P.......@.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data86569bbf#\058b5c6d514044e05b07d4b113045f72\System.Data.OracleClient.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) \, rows 1328, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1336
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.558448027234283
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:EXE4IUghE4F9E4TTfE4nidKDE4UGmE4rpXKIE4n6AE4e+ayE41g:SHIUAHDHTjHnoYHZmHrpXtH6AHe+ayHC
                                                                                                                                                                                                                                                                                                                                  MD5:6613186C070ADA6083C7C82FE1F932BA
                                                                                                                                                                                                                                                                                                                                  SHA1:5A17959FDCB25E8385D78C26E20E015981760039
                                                                                                                                                                                                                                                                                                                                  SHA-256:331CAA8D0AE14761CCDF39FB165E8E82476075E09BEBA58365B1C6603B1CB865
                                                                                                                                                                                                                                                                                                                                  SHA-512:5170B442D16ED8C50C8B3FDE8C1DC5FF485B5AC406797BA6504C85F391907332E888501753FE577EB3855950B0BF4963DB0DF4A185982EFD5E3DEDD40996CE15
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....0...............\...System.Data.OracleClient, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.....................&[.......................................FD...@..{..L.....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......p.......P...System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........TZ...vZx!...1..+....l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.....p.......P...System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........12f.`.i%O2..G..............X...System.Transactions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........m./....................................$@...J....M+.B............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|...

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data86569bbf#\058b5c6d514044e05b07d4b113045f72\System.Data.OracleClient.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) \, rows 1328, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1336
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.558448027234283
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:EXE4IUghE4F9E4TTfE4nidKDE4UGmE4rpXKIE4n6AE4e+ayE41g:SHIUAHDHTjHnoYHZmHrpXtH6AHe+ayHC
                                                                                                                                                                                                                                                                                                                                  MD5:6613186C070ADA6083C7C82FE1F932BA
                                                                                                                                                                                                                                                                                                                                  SHA1:5A17959FDCB25E8385D78C26E20E015981760039
                                                                                                                                                                                                                                                                                                                                  SHA-256:331CAA8D0AE14761CCDF39FB165E8E82476075E09BEBA58365B1C6603B1CB865
                                                                                                                                                                                                                                                                                                                                  SHA-512:5170B442D16ED8C50C8B3FDE8C1DC5FF485B5AC406797BA6504C85F391907332E888501753FE577EB3855950B0BF4963DB0DF4A185982EFD5E3DEDD40996CE15
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....0...............\...System.Data.OracleClient, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.....................&[.......................................FD...@..{..L.....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......p.......P...System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........TZ...vZx!...1..+....l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.....p.......P...System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........12f.`.i%O2..G..............X...System.Transactions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........m./....................................$@...J....M+.B............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|...

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\4fa111e50d95d3e08c2d856a5394af3b\System.Deployment.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):3131904
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.11376661230697
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24576:z8Zs7WSTYOk6X5XZOa9gwlmZhnjYnIBuU8vAHD0a+4jsDY9d/DBuI:z87+EZhjYnIBuU8vYD0a+4jM
                                                                                                                                                                                                                                                                                                                                  MD5:BB1EB29E13AF480E895544B82B26C087
                                                                                                                                                                                                                                                                                                                                  SHA1:86C739642878AF3B1FA8C612535167647B470849
                                                                                                                                                                                                                                                                                                                                  SHA-256:E905E1AC5B9582207004FF4F595F28B164631E5090048103706A203D93B1E1EF
                                                                                                                                                                                                                                                                                                                                  SHA-512:70B0A46DFE099F93C56095FD9BBEE994A23DF92EE96A055A6F1058DD7DA5230D19B7FC22EC205913A19DBF1344B9EC0E3ACE5F9D7A922EF510C48D18EF6183B4
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d.....R_.........." ..........................2ED............................./...........`.............................................................\...`................P/.@....D/.8...........................................................`...H............data...............................@....text.....).......)................. ..`.reloc..@....P/......:/.............@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................t.^ED...+...............................|.^ED.............................6ED...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\4fa111e50d95d3e08c2d856a5394af3b\System.Deployment.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) X, rows 1356, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1364
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.544973760390818
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:LwXE4198vhE4dtJE4pVsAE4mfE4nGE4w41qE48gdKDE4UAKIE4nH:LWH19SHdtJHpVsAHgHnGHw41qHbYH9tn
                                                                                                                                                                                                                                                                                                                                  MD5:81E356F831F195D32CE7D6322FD9DBDF
                                                                                                                                                                                                                                                                                                                                  SHA1:824433DD5F27091333FED52724B0E58FE1742253
                                                                                                                                                                                                                                                                                                                                  SHA-256:C38B07B4C8DA246B312D823E12F8533E2C1133546B0ADC2A9A2E50BD2EBA0D3F
                                                                                                                                                                                                                                                                                                                                  SHA-512:ACE595016C59CB4FE230948EA8F9FB312FB0FF0F33B309EE63F221611D2AEB1CDC4DA7187B61EC3C64BE887173F7E68C3AC9BC4584D04BD5A545BDC1DAF66E79
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....L...............X...System.Deployment, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........................+/............Q.........................\J.C.;.gW.......l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............T...System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.............+/.......................................=.@G..?...o.............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... .......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............X...System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089............+/...........H]Z...................... ..a..M...F.F..............T...System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\4fa111e50d95d3e08c2d856a5394af3b\System.Deployment.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) X, rows 1356, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1364
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.544973760390818
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:LwXE4198vhE4dtJE4pVsAE4mfE4nGE4w41qE48gdKDE4UAKIE4nH:LWH19SHdtJHpVsAHgHnGHw41qHbYH9tn
                                                                                                                                                                                                                                                                                                                                  MD5:81E356F831F195D32CE7D6322FD9DBDF
                                                                                                                                                                                                                                                                                                                                  SHA1:824433DD5F27091333FED52724B0E58FE1742253
                                                                                                                                                                                                                                                                                                                                  SHA-256:C38B07B4C8DA246B312D823E12F8533E2C1133546B0ADC2A9A2E50BD2EBA0D3F
                                                                                                                                                                                                                                                                                                                                  SHA-512:ACE595016C59CB4FE230948EA8F9FB312FB0FF0F33B309EE63F221611D2AEB1CDC4DA7187B61EC3C64BE887173F7E68C3AC9BC4584D04BD5A545BDC1DAF66E79
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....L...............X...System.Deployment, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........................+/............Q.........................\J.C.;.gW.......l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............T...System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.............+/.......................................=.@G..?...o.............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... .......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............X...System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089............+/...........H]Z...................... ..a..M...F.F..............T...System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Design\e6264fe3334740cf9e7da3afc7d524cc\System.Design.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):12967936
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.234468979744749
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:98304:84hgEL2Xe6Bp7xHc+d52QeZkM3DxmrctbK9TVTyPY:8DECXe6BZ2PiMzxmrPTtyPY
                                                                                                                                                                                                                                                                                                                                  MD5:5037EB4274F960C7D3DF42EC86F13CC9
                                                                                                                                                                                                                                                                                                                                  SHA1:B2E4C4278E0FAEEE804C3949F878B8045071B255
                                                                                                                                                                                                                                                                                                                                  SHA-256:B4A14A1736596C5E34D6D808111BF915F2BEFA91D19626131628D51FAB05A8D2
                                                                                                                                                                                                                                                                                                                                  SHA-512:13C78C2AF35CCF4887A1205AD137D80156102317DACC2B1C1EB3B29EEBCA7B830E5960336EE989474ACE7ED336D30698DB3F83D4C183A56F1D9C2908CCF00497
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d...3>.].........." ..........................fED.........................................`........................................................... .4....C .P...................(p..8...........................................................@. .H............data...H...........................@....text....q.... ..r.................. ..`.reloc...............`..............@..B....................................~=...........................................................................................................................................................................................................................................................................................................................................................p.FD............................dpED...x..FD.../.......4................F.ED...................2.......

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Design\e6264fe3334740cf9e7da3afc7d524cc\System.Design.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) T, rows 2388, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):2396
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.579022055117571
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:48:jH1eOHlHnK41qHlHCHeH+ttH6AHXOH3M0H+5HVUYE3HnH/YHw:jRFHbwFi+0tF3O/e59mHfYQ
                                                                                                                                                                                                                                                                                                                                  MD5:35D56E8D14BC605EB20F90F0795222A0
                                                                                                                                                                                                                                                                                                                                  SHA1:28D8583F56FF6E4A39E847AE25BD63D17A54F336
                                                                                                                                                                                                                                                                                                                                  SHA-256:A1D145A216755E3E4E7EACEE0644B121E43241338BE33B6BC1DE54F6B243BCFA
                                                                                                                                                                                                                                                                                                                                  SHA-512:D60E4315AA69FB398CB13B90489DEBC2EF578F6E7992C343592538E059BDBC2BE467A0E487505E6FFA6C2B6C4C9410EFC78F6B7628D8CA772F788BC15E9EBCEE
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....T...............T...System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.........................................L.....................I...s\@.N.xK8C.....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............T...System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a..............+/...................................*.]H.a.F..Du.k+.............P...System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a..............+/............_R.......................~G.?.H.9.r>..x............X...System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089............+/...........H]Z...................... ..a..M...F.F..............P...System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e0

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Design\e6264fe3334740cf9e7da3afc7d524cc\System.Design.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) T, rows 2388, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):2396
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.579022055117571
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:48:jH1eOHlHnK41qHlHCHeH+ttH6AHXOH3M0H+5HVUYE3HnH/YHw:jRFHbwFi+0tF3O/e59mHfYQ
                                                                                                                                                                                                                                                                                                                                  MD5:35D56E8D14BC605EB20F90F0795222A0
                                                                                                                                                                                                                                                                                                                                  SHA1:28D8583F56FF6E4A39E847AE25BD63D17A54F336
                                                                                                                                                                                                                                                                                                                                  SHA-256:A1D145A216755E3E4E7EACEE0644B121E43241338BE33B6BC1DE54F6B243BCFA
                                                                                                                                                                                                                                                                                                                                  SHA-512:D60E4315AA69FB398CB13B90489DEBC2EF578F6E7992C343592538E059BDBC2BE467A0E487505E6FFA6C2B6C4C9410EFC78F6B7628D8CA772F788BC15E9EBCEE
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....T...............T...System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.........................................L.....................I...s\@.N.xK8C.....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............T...System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a..............+/...................................*.]H.a.F..Du.k+.............P...System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a..............+/............_R.......................~G.?.H.9.r>..x............X...System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089............+/...........H]Z...................... ..a..M...F.F..............P...System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e0

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dire5d62f0a2#\a2886f8a05c8adae3050b95af3970e92\System.DirectoryServices.Protocols.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):560128
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.304697940061689
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:wEkyX9pdLmY7HIxei7jyp+Cq8sB0Gk3vkpMMtyNGCqE:wEkUpoS6j1lk3QMMI5q
                                                                                                                                                                                                                                                                                                                                  MD5:AF33F9F3186D1F551644B658C539BB35
                                                                                                                                                                                                                                                                                                                                  SHA1:46CFA129A2D0859B3F58A2944BC7046C2CFD34B3
                                                                                                                                                                                                                                                                                                                                  SHA-256:EC76AA7794A431F600FB45A11E04189AB69F61EA84F459AD7130F283480EE8EE
                                                                                                                                                                                                                                                                                                                                  SHA-512:9D0EA6D53059B0562117CA2C53AD47D4EA162AF52ABAC04E3A25F0B0EB419BBAE32FE0534374F082C77A14C414BA9D757E68E15C78A63D6B99C307BD6707F396
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d...8>.].........." ..........................bGD.........................................`..........................................................`.......l...2...................}..8............................................................d..H............data...0J.......L..................@....text...g....`... ...N.............. ..`.reloc...............n..............@..B....................................~=............................................................................................................................................................................................................................................................................................................................................................iGD.....................................iGD...,.......8.................cGD...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dire5d62f0a2#\a2886f8a05c8adae3050b95af3970e92\System.DirectoryServices.Protocols.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) h, rows 760, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):768
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.4912765624801585
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:XkT8uGS9DLI4Mshn5oAim5JqU2DLI4MWh+eDLI4MWXb/S/oDLI4MWNnET8tDLI4E:0f1E4BjoNhE4FfE4nkAE4uWE44rl
                                                                                                                                                                                                                                                                                                                                  MD5:F5A5035C033C7314FD8BEA3DA86765AA
                                                                                                                                                                                                                                                                                                                                  SHA1:13B9B067923F2FE80B5B778913191C3A903D59C8
                                                                                                                                                                                                                                                                                                                                  SHA-256:00DBF5F7D35A942E8D53886240E8C43710F2F727C19AF92A33F98C5E80F9A2DB
                                                                                                                                                                                                                                                                                                                                  SHA-512:514B8C2C69103F026F5DF7DDC8CEAA48C7A1FA48D53324BFA7D86781AEDBB11B59646DFC0AE426E911B25FD6776BD4C298E764D0CEAFBDD04F40C6196F409FF7
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....................h...System.DirectoryServices.Protocols, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a........................U./...........H.......................Ab...9M.W.$l.......l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... ...............\...System.DirectoryServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.........I..+/...........Ha.......................z.U..G...5.f.1

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dire5d62f0a2#\a2886f8a05c8adae3050b95af3970e92\System.DirectoryServices.Protocols.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) h, rows 760, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):768
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.4912765624801585
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:XkT8uGS9DLI4Mshn5oAim5JqU2DLI4MWh+eDLI4MWXb/S/oDLI4MWNnET8tDLI4E:0f1E4BjoNhE4FfE4nkAE4uWE44rl
                                                                                                                                                                                                                                                                                                                                  MD5:F5A5035C033C7314FD8BEA3DA86765AA
                                                                                                                                                                                                                                                                                                                                  SHA1:13B9B067923F2FE80B5B778913191C3A903D59C8
                                                                                                                                                                                                                                                                                                                                  SHA-256:00DBF5F7D35A942E8D53886240E8C43710F2F727C19AF92A33F98C5E80F9A2DB
                                                                                                                                                                                                                                                                                                                                  SHA-512:514B8C2C69103F026F5DF7DDC8CEAA48C7A1FA48D53324BFA7D86781AEDBB11B59646DFC0AE426E911B25FD6776BD4C298E764D0CEAFBDD04F40C6196F409FF7
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....................h...System.DirectoryServices.Protocols, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a........................U./...........H.......................Ab...9M.W.$l.......l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... ...............\...System.DirectoryServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.........I..+/...........Ha.......................z.U..G...5.f.1

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Draw0a54d252#\1add9b3a6e41e9922f7c95ebd442ed4e\System.Drawing.Design.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):404992
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.2201345508261285
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:bNtrZxoleg6hdiPzfz02+fGvzr3T+f6K7YbdlysJzTwKW+/DRO1JVvfNCcWcBCOg:bPboqyL0ILrEs3wxaSAY95lVEdt
                                                                                                                                                                                                                                                                                                                                  MD5:3BC9053A491AE9C5E3AE862373FC679D
                                                                                                                                                                                                                                                                                                                                  SHA1:51EA739760139FE79474B78547BB3EEE559F1CC4
                                                                                                                                                                                                                                                                                                                                  SHA-256:314B6079F077C5A5659B23E1DDC0E68556AD51B8AA7D0BF08957ECA777657164
                                                                                                                                                                                                                                                                                                                                  SHA-512:24953D777CE66B9CB20A540443C44499DB25565ECBEF1A10A22156F32567185196A75132985FDD029684DA284BE03759B87F33DEA878C50C397F7E8ED563ABE5
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....3.^.........." ..........................pGD............................P............`..........................................................p..`....|............... ..@*......8...........................................................`t..H............data...0S.......T..................@....text...b....p.......V.............. ..`.reloc..@*... ...,..................@..B....................................~=............................................................................................................................................................................................................................................................................................................................................................uGD...>................................uGD...*...p....................0qGD...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Draw0a54d252#\1add9b3a6e41e9922f7c95ebd442ed4e\System.Drawing.Design.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) \, rows 1080, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1088
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.506738316682431
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:PDOE41ykhE4d41qE48wfE4nGE4w0E4+kKIE4nH:bOH1y8Hd41qH1HnGHw0H+ktHH
                                                                                                                                                                                                                                                                                                                                  MD5:46AF5B9C6B35243B3E0747F33E34ADC0
                                                                                                                                                                                                                                                                                                                                  SHA1:F92A4FBAF5D6334D1790BF4C72620E8054575AFD
                                                                                                                                                                                                                                                                                                                                  SHA-256:5BCB54FED642FB25CC7721413EC9BF8FB5121FC35A301CD8FAA5003DC3C84ECB
                                                                                                                                                                                                                                                                                                                                  SHA-512:715F68EADCC85AA282E60A27927C42C878C5BFEFEDA3FFD3C2B2EFF661D3D25C6A69DCB3FFA39F36B1F13D30301632F3FF74582B65D56BCE79FC27AA2BA3C8E2
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....8...............\...System.Drawing.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.........................3.+/...................................N5..auH....v.......l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............T...System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a..............+/...................................*.]H.a.F..Du.k+.....l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............X...System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089............+/...........H]Z...................... ..a..M...F.F..............T...Accessibility, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.............../...........(........................M.....K.I8S3x_.............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKe

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Draw0a54d252#\1add9b3a6e41e9922f7c95ebd442ed4e\System.Drawing.Design.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) \, rows 1080, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1088
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.506738316682431
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:PDOE41ykhE4d41qE48wfE4nGE4w0E4+kKIE4nH:bOH1y8Hd41qH1HnGHw0H+ktHH
                                                                                                                                                                                                                                                                                                                                  MD5:46AF5B9C6B35243B3E0747F33E34ADC0
                                                                                                                                                                                                                                                                                                                                  SHA1:F92A4FBAF5D6334D1790BF4C72620E8054575AFD
                                                                                                                                                                                                                                                                                                                                  SHA-256:5BCB54FED642FB25CC7721413EC9BF8FB5121FC35A301CD8FAA5003DC3C84ECB
                                                                                                                                                                                                                                                                                                                                  SHA-512:715F68EADCC85AA282E60A27927C42C878C5BFEFEDA3FFD3C2B2EFF661D3D25C6A69DCB3FFA39F36B1F13D30301632F3FF74582B65D56BCE79FC27AA2BA3C8E2
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....8...............\...System.Drawing.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.........................3.+/...................................N5..auH....v.......l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............T...System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a..............+/...................................*.]H.a.F..Du.k+.....l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............X...System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089............+/...........H]Z...................... ..a..M...F.F..............T...Accessibility, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.............../...........(........................M.....K.I8S3x_.............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKe

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Ente96d83b35#\cbb85b2c3ecfe129570a8c187041de31\System.EnterpriseServices.Wrapper.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (GUI) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):350208
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.360984736881725
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:OhE8gQgd1a+JaRp7+1+aCfXliDapJjIz5oWM+VqFIuKxWZjWLHrKy8Y9WyafZiBj:OU+hKOWM+VqFIuKY1s9Wd8BkQP
                                                                                                                                                                                                                                                                                                                                  MD5:231B6E73760607A712F05F54052EE2A1
                                                                                                                                                                                                                                                                                                                                  SHA1:0FCE19AFDA7E30F43835E07B2DCCE6C0EBCE1ECC
                                                                                                                                                                                                                                                                                                                                  SHA-256:9C6C6F2D33CBB2B5A2E7E92634B0014771F3A4989D260400965A0396D4243B22
                                                                                                                                                                                                                                                                                                                                  SHA-512:E599EAF22F95D44B8CF6FC34A0692B0EE7EB622690FDF25B79E03AC4E9BEABCA3D078AD6AC3294DFD712AE0EC14D269126C89035B4441109EE07F743291F9148
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d...|A.].........." .........................................................p............`.................................................................T................@..\*...5..p...............................................................H............data...8m.......n..................@....text................p.............. ..`.reloc..\*...@...,...,..............@..B....................................~=..................................................................................................................................................................................................................................................................................................................................................................................................T.......-.......................(S......U.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Ente96d83b35#\cbb85b2c3ecfe129570a8c187041de31\System.EnterpriseServices.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1016832
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.340122325887443
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:sUiQLhc+zmU0Z1XbQuPnQfPCbSa3H/H92nVnRs3OdZmFlCdzgr9NPDzjc3i:snQI1LPnQH4SihpDE3
                                                                                                                                                                                                                                                                                                                                  MD5:9D234EF1B5DE22E0AC4EF0DAD58536A4
                                                                                                                                                                                                                                                                                                                                  SHA1:172F24A4403F11407C77BFC47E1B4A7681E39FCB
                                                                                                                                                                                                                                                                                                                                  SHA-256:AF11FE05876110ADDD9721C43DA6AB53D404B9B39954631DC5B08C8EAD89F933
                                                                                                                                                                                                                                                                                                                                  SHA-512:51B36D47B006D46271F7D07577C74A212B17AC5DEA14AC126C4FD6F1744F021A311F1CD60277945C896B44600D44D1F894AB73E809325C40F8ADC78A78700889
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....C.].........." ............................D.........................................`.................................................................(...4h...........`..\D...W..8...............................................................H............data...............................@....text....Y.......Z.................. ..`.reloc..\D...`...F...>..............@..B....................................~=............................................................................................................................................................................................................................................................................................................................................................!.D...............................D.....!.D...-.......\...................D...!.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Ente96d83b35#\cbb85b2c3ecfe129570a8c187041de31\System.EnterpriseServices.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) `, rows 1092, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1100
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.501252273343023
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:z63uayE41IPhE4LmE4rpZfE4nkAE4uWE44rmKAmE471+:BayH1IHLmHrphHnkAH5H4jAmHU
                                                                                                                                                                                                                                                                                                                                  MD5:0CF4437E0E8A9A6B2DC3F491570595DF
                                                                                                                                                                                                                                                                                                                                  SHA1:7AC2B7D7347811F0F4059CC78BE43A0A26AC6C7A
                                                                                                                                                                                                                                                                                                                                  SHA-256:52DD5D3003E7E548F4E899442C20A8A5EDDA0C8DEDD29D389C043EA0C999CA12
                                                                                                                                                                                                                                                                                                                                  SHA-512:3B73BD99465F8E03F25E5C14D4F7FBD7F314D2114859AE639BA24833DD1E3DA9466E0A78BB5116BAA043439F55C1A57715E016B4125038E4BA4EF34C9F1B4FDE
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....D...............`...System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.........................2.....................................%.':IQlK.#P........l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............X...System.Transactions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........m./....................................$@...J....M+.B....l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... ...............\...System.DirectoryServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.........I..+/...........Ha.......................z.U..G...5.f.1............\...System.Runtime.Remoting, Version=4.0.0.0, Culture=neutra

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Ente96d83b35#\cbb85b2c3ecfe129570a8c187041de31\System.EnterpriseServices.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) `, rows 1092, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1100
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.501252273343023
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:z63uayE41IPhE4LmE4rpZfE4nkAE4uWE44rmKAmE471+:BayH1IHLmHrphHnkAH5H4jAmHU
                                                                                                                                                                                                                                                                                                                                  MD5:0CF4437E0E8A9A6B2DC3F491570595DF
                                                                                                                                                                                                                                                                                                                                  SHA1:7AC2B7D7347811F0F4059CC78BE43A0A26AC6C7A
                                                                                                                                                                                                                                                                                                                                  SHA-256:52DD5D3003E7E548F4E899442C20A8A5EDDA0C8DEDD29D389C043EA0C999CA12
                                                                                                                                                                                                                                                                                                                                  SHA-512:3B73BD99465F8E03F25E5C14D4F7FBD7F314D2114859AE639BA24833DD1E3DA9466E0A78BB5116BAA043439F55C1A57715E016B4125038E4BA4EF34C9F1B4FDE
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....D...............`...System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.........................2.....................................%.':IQlK.#P........l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............X...System.Transactions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........m./....................................$@...J....M+.B....l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... ...............\...System.DirectoryServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.........I..+/...........Ha.......................z.U..G...5.f.1............\...System.Runtime.Remoting, Version=4.0.0.0, Culture=neutra

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\ce1e4670373608336100bea63bbc8990\System.Numerics.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):322048
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.392891962546257
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:hBDpWyVMldpnhY1sjSVQOFHpXZjXnZXG:jDpnM3nYGjSfdZ
                                                                                                                                                                                                                                                                                                                                  MD5:F4A8B8C2D4902B5FB537A3FDB0CEFF02
                                                                                                                                                                                                                                                                                                                                  SHA1:81FC51BF1BDF00E98EC99DBE45B663ABBAF63A3D
                                                                                                                                                                                                                                                                                                                                  SHA-256:70BA7B8E7F6901FB1B0DF6D0AD19A9499B204EA296E665D150AEB3B13B74E5D8
                                                                                                                                                                                                                                                                                                                                  SHA-512:A07B89F0E503A0A62C9C95CAA5C87B4EE6A66C08FE2BC7122A1A0E7D720ACDC2A57EA47B1F29B09275F10D02B5657B6AF337D936A24F5E00AF4932CA702DD133
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ...........................CD.........................................`.............................................................<......................L.......8...........................................................@...H............data... ...........................@....text...pQ.......R.................. ..`.reloc..L...........................@..B....................................~=...........................................................................................................................................................................................................................................................................................................................................................y.CD..............................CD....y.CD...)...,....................r.CD...G.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\ce1e4670373608336100bea63bbc8990\System.Numerics.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) T, rows 292, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):300
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.271548538365068
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6:gWc/w7ZDLIP12MUAvvR+vlzkclntlkyYo9clATrKDLIP12MUAvvR+8V:z7ZDLI4MW3nXPYoWlU2DLI4MWa
                                                                                                                                                                                                                                                                                                                                  MD5:ECDEF013168988E142051C4E6AAFF8C7
                                                                                                                                                                                                                                                                                                                                  SHA1:736AD3731FF7C69DADE3D5A1E3678C132B7734B0
                                                                                                                                                                                                                                                                                                                                  SHA-256:DB0D9B0AC9F411E7884D3FBD70A800EB32611261CB9C10ADABA8CF72722B765A
                                                                                                                                                                                                                                                                                                                                  SHA-512:D2A30C213949F14F16C5FF9F56B8D8F511129D28A2E5F1B3EA05B790CE61DADC3F599F9304AC6009C90A2323F5B682C3A1F1A8D3AFDDABA13396F8DC3E3F2828
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....$...............T...System.Numerics, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089......................!..0...........H".........................1...L..U;V.<}....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\ce1e4670373608336100bea63bbc8990\System.Numerics.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) T, rows 292, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):300
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.271548538365068
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6:gWc/w7ZDLIP12MUAvvR+vlzkclntlkyYo9clATrKDLIP12MUAvvR+8V:z7ZDLI4MW3nXPYoWlU2DLI4MWa
                                                                                                                                                                                                                                                                                                                                  MD5:ECDEF013168988E142051C4E6AAFF8C7
                                                                                                                                                                                                                                                                                                                                  SHA1:736AD3731FF7C69DADE3D5A1E3678C132B7734B0
                                                                                                                                                                                                                                                                                                                                  SHA-256:DB0D9B0AC9F411E7884D3FBD70A800EB32611261CB9C10ADABA8CF72722B765A
                                                                                                                                                                                                                                                                                                                                  SHA-512:D2A30C213949F14F16C5FF9F56B8D8F511129D28A2E5F1B3EA05B790CE61DADC3F599F9304AC6009C90A2323F5B682C3A1F1A8D3AFDDABA13396F8DC3E3F2828
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....$...............T...System.Numerics, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089......................!..0...........H".........................1...L..U;V.<}....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt19c51595#\b5d4608754b2d1d4f1d2d3c00cbcdfe0\System.Runtime.Caching.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):305664
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.094303618906386
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:d5GBn2kdsVADZBWTe3xNArJpjdhd9X0spSMehIpUkF5Gqildq06/E3fzkBotD8/o:d5GBn2FmDh3yDoMeqByM066zIeQC
                                                                                                                                                                                                                                                                                                                                  MD5:DEB2C19197E42EDDC1636E8D069EAFFE
                                                                                                                                                                                                                                                                                                                                  SHA1:862ACCF42F307FC39B2C7A472415194F4AD88BFB
                                                                                                                                                                                                                                                                                                                                  SHA-256:FAD873D6DB1B3043A3EF804C08549FB9F74BE615FF2D452C820050CACED8BC19
                                                                                                                                                                                                                                                                                                                                  SHA-512:92408CBB745129D280D883E5F7D0F0CDE92D3D4A40C53D449CD28841D0B35BE0191E2BEA21F1F2040EB31137A6954EEF07208C38B6318A94B1B29887561502F8
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ..........................|ID.........................................`.............................................................l....... ...............$......8...........................................................p...H............data...............................@....text...w........................... ..`.reloc..$...........................@..B....................................~=...........................................................................................................................................................................................................................................................................................................................................................G.ID...F........................R|ID....G.ID...*...|...................(.|ID...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt19c51595#\b5d4608754b2d1d4f1d2d3c00cbcdfe0\System.Runtime.Caching.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) \, rows 744, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):752
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.5317115078392485
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:ncRYDLI4MshntDm4U2DLI4MWZ+6K9eDLI4MpgJ+7T+eDLI4MWXb/SBDLI4MWmKbj:TE4BJhE4jKIE4nAfE4nQE4lAA
                                                                                                                                                                                                                                                                                                                                  MD5:FE5C30197910CEB71625638E73F98ECE
                                                                                                                                                                                                                                                                                                                                  SHA1:48F0F76F8E616A077A1700955A3876CB320D54A4
                                                                                                                                                                                                                                                                                                                                  SHA-256:878D2BE02C92CE4A21FBE213F1E1DD7829E8C47B1F95EE86AC9C10980D437B2B
                                                                                                                                                                                                                                                                                                                                  SHA-512:670E4D61CCE9C2E30EF671F4D566FB9A06A0D7E1393CAC3B6318CC09F7659DB1757E256D063F89D4197CF297AC65EC85B7DE215760F4E0EDE16B24B476F580DB
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....................\...System.Runtime.Caching, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a........................]...........................................O..&W........l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|.......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............P...System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.............+/.............6.......................0..~.J.R...L

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt19c51595#\b5d4608754b2d1d4f1d2d3c00cbcdfe0\System.Runtime.Caching.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) \, rows 744, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):752
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.5317115078392485
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:ncRYDLI4MshntDm4U2DLI4MWZ+6K9eDLI4MpgJ+7T+eDLI4MWXb/SBDLI4MWmKbj:TE4BJhE4jKIE4nAfE4nQE4lAA
                                                                                                                                                                                                                                                                                                                                  MD5:FE5C30197910CEB71625638E73F98ECE
                                                                                                                                                                                                                                                                                                                                  SHA1:48F0F76F8E616A077A1700955A3876CB320D54A4
                                                                                                                                                                                                                                                                                                                                  SHA-256:878D2BE02C92CE4A21FBE213F1E1DD7829E8C47B1F95EE86AC9C10980D437B2B
                                                                                                                                                                                                                                                                                                                                  SHA-512:670E4D61CCE9C2E30EF671F4D566FB9A06A0D7E1393CAC3B6318CC09F7659DB1757E256D063F89D4197CF297AC65EC85B7DE215760F4E0EDE16B24B476F580DB
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....................\...System.Runtime.Caching, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a........................]...........................................O..&W........l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|.......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............P...System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.............+/.............6.......................0..~.J.R...L

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\f975db3abcedde8df2408b15e2c6dd09\System.Runtime.Serialization.Formatters.Soap.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):353280
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.425396368012398
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:BZMm4oCgyJkTtlMmd0b6xOzens3mz13yN6F:Bb4oHYotl9dY6QzeQmRiwF
                                                                                                                                                                                                                                                                                                                                  MD5:FC1D15780A9C0DDDDF0612A01F5B7261
                                                                                                                                                                                                                                                                                                                                  SHA1:9BEC1F5F382227FA702C37C8E40ED46D0D95B59B
                                                                                                                                                                                                                                                                                                                                  SHA-256:DED32C661E8505F76AB0D65368A7293D6EC9A2FECA0A9075EF5A6550162EC98D
                                                                                                                                                                                                                                                                                                                                  SHA-512:39BE1B4923048A436032EAC10537A003FEF9A682698837D5BFF7AE353DD83C93AB09902B66D76C1F8211CA49A7515267EB88318537AD0C209F97F29DCA5BB44D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ...........................ID.........................................`.................................................................h...0............p.......f..8...............................................................H............data...............................@....text...Q........................... ..`.reloc.......p.......X..............@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................8.ID...1.................................ID...*...P....................m.ID...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\f975db3abcedde8df2408b15e2c6dd09\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) p, rows 636, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):644
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.401621204939633
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:zk+hWDLI4MKnBxiU2DLI4MWJ/oDLI4MWNnE+eDLI4MWMRm4R:gNE4VshE41AE4ufE4VA
                                                                                                                                                                                                                                                                                                                                  MD5:20C1A566AF6A1E27709BB3E5A7792856
                                                                                                                                                                                                                                                                                                                                  SHA1:4B79A34B13490DAB06E2738EF8D6138F69CCDDFD
                                                                                                                                                                                                                                                                                                                                  SHA-256:8F34E999C237ABA240744C3F9249D4347A017571D2CFEA376ED32EAC8F0ABF25
                                                                                                                                                                                                                                                                                                                                  SHA-512:989AF675192682B549F1944F19EA8737BD385CEEF0DA32B2E8F3312B5A6AD17D8958F6F3146139B1DE15DDC2EC7ABB9980388D52E7CA8AF6E5D38540454801CC
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....|...............p...System.Runtime.Serialization.Formatters.Soap, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a......................B./...........0,....................... .a.gH.5v...k,....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... ...............L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089............F.+/...........HE6............................C.l]..7.s

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\f975db3abcedde8df2408b15e2c6dd09\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) p, rows 636, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):644
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.401621204939633
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:zk+hWDLI4MKnBxiU2DLI4MWJ/oDLI4MWNnE+eDLI4MWMRm4R:gNE4VshE41AE4ufE4VA
                                                                                                                                                                                                                                                                                                                                  MD5:20C1A566AF6A1E27709BB3E5A7792856
                                                                                                                                                                                                                                                                                                                                  SHA1:4B79A34B13490DAB06E2738EF8D6138F69CCDDFD
                                                                                                                                                                                                                                                                                                                                  SHA-256:8F34E999C237ABA240744C3F9249D4347A017571D2CFEA376ED32EAC8F0ABF25
                                                                                                                                                                                                                                                                                                                                  SHA-512:989AF675192682B549F1944F19EA8737BD385CEEF0DA32B2E8F3312B5A6AD17D8958F6F3146139B1DE15DDC2EC7ABB9980388D52E7CA8AF6E5D38540454801CC
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....|...............p...System.Runtime.Serialization.Formatters.Soap, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a......................B./...........0,....................... .a.gH.5v...k,....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... ...............L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089............F.+/...........HE6............................C.l]..7.s

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security\bde2021ecdaa53585a395f095971633c\System.Security.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1010176
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.390647351452728
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:MsieoGzXs1r/4M7Km80TR+m1ML71n6VS3fQoL1iqqkQyW:MFqur980Twm1MN13YC
                                                                                                                                                                                                                                                                                                                                  MD5:F1F2CE62E1C36B6EB1E64FA2085D738E
                                                                                                                                                                                                                                                                                                                                  SHA1:299A4D69367A2F96571976EB0A6A8D3C9727F870
                                                                                                                                                                                                                                                                                                                                  SHA-256:967DD73C7EE643E2D03F8F82F8EFF0712CA8AA71AD1E5EBF1D89EA2C7BEDF1E0
                                                                                                                                                                                                                                                                                                                                  SHA-512:716D0B81FECB9F20CE8124DB49B9CBF95A19330912BBA5FC21FA4A72FB24F9259A2A2AE19D00AA6A334F1AEE4632DA0AFAC5A35A14825338D5DCC4A0897B70A3
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d...p.O_.........." ...........................ID.........................................`.............................................................P........S...........@...:...9..8...........................................................P...H............data...H...........................@....text............................... ..`.reloc...:...@...<..................@..B....................................~=...........................................................................................................................................................................................................................................................................................................................................................+.ID...........................Hv.ID...L-.ID...,.......T...............`.ID... .......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security\bde2021ecdaa53585a395f095971633c\System.Security.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) T, rows 904, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):912
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.497390555517323
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:l7tNDLI4MaHnz+0GD7OU2DLI4MWJ/oDLI4MWNnc+eDLI4MWXb/C+wKDLI4MWmZ+c:PJE4Hi0hE41AE4mfE4n5E4SKIE4nH
                                                                                                                                                                                                                                                                                                                                  MD5:FDB0F1BA5BBA5D0EA74B60B634040E4D
                                                                                                                                                                                                                                                                                                                                  SHA1:8E409B07301EE4BE1C2CD1A9814509C3B5BB2520
                                                                                                                                                                                                                                                                                                                                  SHA-256:2700D644DC14100DF8D95FBF534B35F9D4090FD65E526A818679B46096D3A060
                                                                                                                                                                                                                                                                                                                                  SHA-512:F64A77874E97EF3BC530F318F7FA08D7A772F60FA2D038B851BBED62873D6E336876943F72EB07791259031AA1993295811330303A277BEDD8CEB4615DD2A300
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....................T...System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.........................+/.......................................=.@G..?...o.....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... .......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............X...System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..............0...........(6.......................rwB.PA.z.$...............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|...

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security\bde2021ecdaa53585a395f095971633c\System.Security.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) T, rows 904, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):912
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.497390555517323
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:l7tNDLI4MaHnz+0GD7OU2DLI4MWJ/oDLI4MWNnc+eDLI4MWXb/C+wKDLI4MWmZ+c:PJE4Hi0hE41AE4mfE4n5E4SKIE4nH
                                                                                                                                                                                                                                                                                                                                  MD5:FDB0F1BA5BBA5D0EA74B60B634040E4D
                                                                                                                                                                                                                                                                                                                                  SHA1:8E409B07301EE4BE1C2CD1A9814509C3B5BB2520
                                                                                                                                                                                                                                                                                                                                  SHA-256:2700D644DC14100DF8D95FBF534B35F9D4090FD65E526A818679B46096D3A060
                                                                                                                                                                                                                                                                                                                                  SHA-512:F64A77874E97EF3BC530F318F7FA08D7A772F60FA2D038B851BBED62873D6E336876943F72EB07791259031AA1993295811330303A277BEDD8CEB4615DD2A300
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....................T...System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.........................+/.......................................=.@G..?...o.....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... .......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............X...System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..............0...........(6.......................rwB.PA.z.$...............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|...

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\aa6a3ae1d00b1eb221bba5375e6387b1\System.ServiceModel.Internals.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1002496
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.1945884091156955
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:hOe5y8vRt6KkH6VKnaScs0R9X8K9350+yWf/kiG5ncrVV1F7SfxHqGb:hzd7VwaScs0HX8K93Rcimfx
                                                                                                                                                                                                                                                                                                                                  MD5:87C2E5675D1A78942E3920CB0D1A979C
                                                                                                                                                                                                                                                                                                                                  SHA1:637D94B5CADB3AB023855514F4B039BB9C492C80
                                                                                                                                                                                                                                                                                                                                  SHA-256:610CC0ED6885CCA275845688F8ABBD5F6656C31507CDB967776D17A6E0529F16
                                                                                                                                                                                                                                                                                                                                  SHA-512:E58346BCCBFA7AE4759E70E774C69C3D044345B4B785C74448CF7D9C36BE4CE770E4297B6ADE2CD680838EB2D3917BA37528A19D3BE8060CA131C709E7033B81
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....1.b.........." ..........................N&D............................p............`..........................................................@......8....N..............xp......8............................................................D..H............data....*.......,..................@....text...N....@...................... ..`.reloc..xp.......r..................@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................H.[&D...................,........PO&D.....[&D...,.......D...............p7Q&D...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\aa6a3ae1d00b1eb221bba5375e6387b1\System.ServiceModel.Internals.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) d, rows 584, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):592
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.470767892413205
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:HM+q3DLI4MG/hn6HuSHQVgU2DLI4MWh+eDLI4MWXb/S/oDLI4MWNnr:aTE45/JSHCghE4FfE4nkAE4d
                                                                                                                                                                                                                                                                                                                                  MD5:35E927DE53FEFBA5B9335F3238A6ACA5
                                                                                                                                                                                                                                                                                                                                  SHA1:4075D752E242F7F6A9120E6B3DA2EE81A7D01559
                                                                                                                                                                                                                                                                                                                                  SHA-256:DB4386CCA65C7C08F0FBB3DE487D470F7C9DCB7B163D0A980BA270BDD637B083
                                                                                                                                                                                                                                                                                                                                  SHA-512:50B2D9C70AA2215E42FEA6E387F9D69B22D8C28DDFFAA54EB378A322CD31C6A11C7478B4FF2800D12D2B45A4A70E23137BFC96C43E50EE0AC164202881868ACF
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....H...............d...System.ServiceModel.Internals, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35.........................Z.+/...........0...........................zx.L.u.'. |.....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... ...

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\aa6a3ae1d00b1eb221bba5375e6387b1\System.ServiceModel.Internals.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) d, rows 584, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):592
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.470767892413205
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:HM+q3DLI4MG/hn6HuSHQVgU2DLI4MWh+eDLI4MWXb/S/oDLI4MWNnr:aTE45/JSHCghE4FfE4nkAE4d
                                                                                                                                                                                                                                                                                                                                  MD5:35E927DE53FEFBA5B9335F3238A6ACA5
                                                                                                                                                                                                                                                                                                                                  SHA1:4075D752E242F7F6A9120E6B3DA2EE81A7D01559
                                                                                                                                                                                                                                                                                                                                  SHA-256:DB4386CCA65C7C08F0FBB3DE487D470F7C9DCB7B163D0A980BA270BDD637B083
                                                                                                                                                                                                                                                                                                                                  SHA-512:50B2D9C70AA2215E42FEA6E387F9D69B22D8C28DDFFAA54EB378A322CD31C6A11C7478B4FF2800D12D2B45A4A70E23137BFC96C43E50EE0AC164202881868ACF
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....H...............d...System.ServiceModel.Internals, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35.........................Z.+/...........0...........................zx.L.u.'. |.....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............P...System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089...........Gu.0............f(.......................%...K... ...

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.82d5542b#\9c63130543c9d395491387159924bf83\System.Web.RegularExpressions.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):309248
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.360685980376763
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:pMAUITIKRnpXiQ3pRsKh7jfg6WF4E4AZGmMZB9HCCD2A/MAkbm4j8W+4sIf8E:WQfRpiQ3pRsv4AXE9iCy1msL+4t
                                                                                                                                                                                                                                                                                                                                  MD5:CB84F8E411AC71C2D0EECA37723AD451
                                                                                                                                                                                                                                                                                                                                  SHA1:56FA220966B27EF79896658546E61931A1D84D9A
                                                                                                                                                                                                                                                                                                                                  SHA-256:C497D8E3EC0480F1407E192888AB274F76B3BC0C0DC9457FDEB5DADA132FB257
                                                                                                                                                                                                                                                                                                                                  SHA-512:3A18B54BC9D0F5D6C9F6F9500C923F0605C77F7A72600524DAEC38E5A6C1EE38F9C401AF8898D718F21A97A91D20F4322EED98683ACF171C2A6317E0826F3C41
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d...?>.].........." ..........................4ID.........................................`.................................................................|... .......................8...............................................................H............data...8e.......f..................@....text...BE.......F...h.............. ..`.reloc..............................@..B....................................~=...........................................................................................................................................................................................................................................................................................................................................................J8ID...S........................+4ID....J8ID...*...p... ................f4ID...".......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.82d5542b#\9c63130543c9d395491387159924bf83\System.Web.RegularExpressions.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) d, rows 424, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):432
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.476990368312239
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:b+uWNOoDLI4MehnXHQUwfU2DLI4MWh+eDLI4MWXF:o3E411qfhE4FfE4x
                                                                                                                                                                                                                                                                                                                                  MD5:F5A05D84AD0AC7215429DB2B08E30BF8
                                                                                                                                                                                                                                                                                                                                  SHA1:AC942D8C7EE7BBE0714A38F9A59165132776D9D6
                                                                                                                                                                                                                                                                                                                                  SHA-256:EA30242D8C4B072E18BB7BBFCE98FF061646AFA8672B561ABFDB9C3A6B271122
                                                                                                                                                                                                                                                                                                                                  SHA-512:10677178A61AA35B15511982584D0ABB764D62C9A7EBDAF6AD57C568464228A665DF59F671E4987CD7C3E213E31E8EA8ED7BE0C0BB9FDC07A9DCAB4F82529820
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....................d...System.Web.RegularExpressions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a........................sA./...................................Nf.%BS.E.....$......l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.82d5542b#\9c63130543c9d395491387159924bf83\System.Web.RegularExpressions.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) d, rows 424, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):432
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.476990368312239
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:b+uWNOoDLI4MehnXHQUwfU2DLI4MWh+eDLI4MWXF:o3E411qfhE4FfE4x
                                                                                                                                                                                                                                                                                                                                  MD5:F5A05D84AD0AC7215429DB2B08E30BF8
                                                                                                                                                                                                                                                                                                                                  SHA1:AC942D8C7EE7BBE0714A38F9A59165132776D9D6
                                                                                                                                                                                                                                                                                                                                  SHA-256:EA30242D8C4B072E18BB7BBFCE98FF061646AFA8672B561ABFDB9C3A6B271122
                                                                                                                                                                                                                                                                                                                                  SHA-512:10677178A61AA35B15511982584D0ABB764D62C9A7EBDAF6AD57C568464228A665DF59F671E4987CD7C3E213E31E8EA8ED7BE0C0BB9FDC07A9DCAB4F82529820
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....................d...System.Web.RegularExpressions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a........................sA./...................................Nf.%BS.E.....$......l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.8dc504e4#\51cf3243e3f9124c32bc8614b4bcda4e\System.Web.ApplicationServices.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):113152
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.63212387656457
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:P3V/0aLnBbvA3uDIoVQk7opKCRA6AKfteWr7PJje4OX1GJgpZKz1sbHmf+g+cPL7:tGJzWbJpcPLDQIH/dDIR6cWoyRFYAR
                                                                                                                                                                                                                                                                                                                                  MD5:ADC6A889E314AD8944818F51C2BC48EE
                                                                                                                                                                                                                                                                                                                                  SHA1:BDA35706FDE7C38CD084143706C2BE0C088141DB
                                                                                                                                                                                                                                                                                                                                  SHA-256:D03557A676F5752F0144AA242C6D2F61C5AB37C9B68AFC0C84F8633D267C855C
                                                                                                                                                                                                                                                                                                                                  SHA-512:9F3433040B51B7AEDDB2A4F0AAA36E9C8E8A520132D998C969C6166ADDEF6510008ECECF25AEDEC8C9E9C6AB91C6F7F49CC45E22CA14BE205F1B9204F5F6510D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d...#..b.........." ..........................xID.........................................`.................................................................,...........................8...............................................................H............data....j.......l..................@....text....@.......B...n.............. ..`.reloc..............................@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................L.yID...........................X>xID...t.yID...)...(...................pixID...a.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.8dc504e4#\51cf3243e3f9124c32bc8614b4bcda4e\System.Web.ApplicationServices.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) d, rows 592, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):600
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.505277582426482
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:PM+uFDLI4Mkhnlo7MU2DLI4MWZ+6K9eDLI4MpgJ+7T+eDLI4MWXF:6E4tGMhE4jKIE4nAfE4x
                                                                                                                                                                                                                                                                                                                                  MD5:7527CB1DFFB35AB0A017C896C6F650BD
                                                                                                                                                                                                                                                                                                                                  SHA1:672C2253525BEAAFFAB55D076B3790BDD7B7440E
                                                                                                                                                                                                                                                                                                                                  SHA-256:C0BF8E2427C8121B3345ABCFA780D32587F5EFC8B4FCBD2BEBD3E71918DC9A7F
                                                                                                                                                                                                                                                                                                                                  SHA-512:0342E2411F6E8EDF9338E8641EC563DAFF71B17AC2AE542C20A018BDC0F43DE94E15B41D41F2784A93715F2FB0700BC8AA9787F51675B69FCE351FA60B9EAC3A
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....P...............d...System.Web.ApplicationServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35........................F.+/...........h.......................z.....E.D7...>....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|.......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.8dc504e4#\51cf3243e3f9124c32bc8614b4bcda4e\System.Web.ApplicationServices.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) d, rows 592, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):600
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.505277582426482
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:PM+uFDLI4Mkhnlo7MU2DLI4MWZ+6K9eDLI4MpgJ+7T+eDLI4MWXF:6E4tGMhE4jKIE4nAfE4x
                                                                                                                                                                                                                                                                                                                                  MD5:7527CB1DFFB35AB0A017C896C6F650BD
                                                                                                                                                                                                                                                                                                                                  SHA1:672C2253525BEAAFFAB55D076B3790BDD7B7440E
                                                                                                                                                                                                                                                                                                                                  SHA-256:C0BF8E2427C8121B3345ABCFA780D32587F5EFC8B4FCBD2BEBD3E71918DC9A7F
                                                                                                                                                                                                                                                                                                                                  SHA-512:0342E2411F6E8EDF9338E8641EC563DAFF71B17AC2AE542C20A018BDC0F43DE94E15B41D41F2784A93715F2FB0700BC8AA9787F51675B69FCE351FA60B9EAC3A
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....P...............d...System.Web.ApplicationServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35........................F.+/...........h.......................z.....E.D7...>....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|.......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web\0bc179a6f5376dabed45d64773e7a963\System.Web.ni.dll (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):16944640
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.423837005716663
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:98304:8SziAtOTrARuiqZmUifJaj3KyEGx6gIavGM5UTvCYiko5NGcFCCUL9npKP/5UUD2:r2yuiqEZfJo6jPmYikovGYP/HYIRj
                                                                                                                                                                                                                                                                                                                                  MD5:E9E08604934E84C7EDE246B2102A3DD1
                                                                                                                                                                                                                                                                                                                                  SHA1:63F2ECA3AE7BAA5C8970AC904EC648C42041555A
                                                                                                                                                                                                                                                                                                                                  SHA-256:A3F31A910EA9AAB8D60E92BAD40D0E66031E067DF6DA4A25BFB5093485991B65
                                                                                                                                                                                                                                                                                                                                  SHA-512:1C5C2E6FD1AE6785C5A35A2288215677A8130F97C1BB1C07F7DFC3185283784DBFD6B28DACC466E7927CE583BE18273C7527E19DD40027516B83FBB23C14E383
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d......b.........." ............................D.........................................`..........................................................P..8.....=..c...........p.../..pi..8...........................................................@T..H............data....?.......@..................@....text........P.......B.............. ..`.reloc.../...p...0...^..............@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................D...D...........................h6..D.......D...0....................... .0.D...A...............`.......

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web\0bc179a6f5376dabed45d64773e7a963\System.Web.ni.dll.aux (copy)

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) P, rows 3964, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):3972
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.614306212114042
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:96:JbDt6HQcYnmSwtjNh0jLmYqrguI7cDymh08nalp7zmtLr:JbDt6HQcYmSwtjT0jLmYq8uTmmh08naa
                                                                                                                                                                                                                                                                                                                                  MD5:5472088733A43AD02685E8DADDED319A
                                                                                                                                                                                                                                                                                                                                  SHA1:0B5CB2363ABE05A5D7D8C0BA590E10223C4AF0AB
                                                                                                                                                                                                                                                                                                                                  SHA-256:99F9457E5953614D88DF5EE88D5E420BC25E803FC51870E09BEF976658B06BB7
                                                                                                                                                                                                                                                                                                                                  SHA-512:C3DF09F63A51CAA3537DEFD8012D632F93B50FCC8FBE918C6EA3C4D392C9A849050E43C7230FF49A07077A6FC164F6DD7951EB1297EA79F18CC7702D7F42F82B
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....|...............P...System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a..........................+/............_R.......................~G.?.H.9.r>..x....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|.......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............P...System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.............+/.............6.......................0..~.J.R...L....p.......P...System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........12f.`.i%O2..G..............`...System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.............2.................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web\0bc179a6f5376dabed45d64773e7a963\System.Web.ni.dll.aux.tmp

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Matlab v4 mat-file (little endian) P, rows 3964, columns 11, imaginary
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):3972
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.614306212114042
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:96:JbDt6HQcYnmSwtjNh0jLmYqrguI7cDymh08nalp7zmtLr:JbDt6HQcYmSwtjT0jLmYq8uTmmh08naa
                                                                                                                                                                                                                                                                                                                                  MD5:5472088733A43AD02685E8DADDED319A
                                                                                                                                                                                                                                                                                                                                  SHA1:0B5CB2363ABE05A5D7D8C0BA590E10223C4AF0AB
                                                                                                                                                                                                                                                                                                                                  SHA-256:99F9457E5953614D88DF5EE88D5E420BC25E803FC51870E09BEF976658B06BB7
                                                                                                                                                                                                                                                                                                                                  SHA-512:C3DF09F63A51CAA3537DEFD8012D632F93B50FCC8FBE918C6EA3C4D392C9A849050E43C7230FF49A07077A6FC164F6DD7951EB1297EA79F18CC7702D7F42F82B
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:....|...............P...System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a..........................+/............_R.......................~G.?.H.9.r>..x....l.......L...mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........I;.:.......l..............X...System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a...........+/............n......................i..VdqF...|.......l.......L...System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.................>..l..S$.............P...System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.............+/.............6.......................0..~.J.R...L....p.......P...System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089..........12f.`.i%O2..G..............`...System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a.............2.................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1090-0\System.Data.OracleClient.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1414656
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.34281516619661
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24576:BMJH+CD3P4uA8UDH8+0ObWCR6OJrDZK2a:qJH+kf4udUlcOJPZK
                                                                                                                                                                                                                                                                                                                                  MD5:DB80A71D8320703B75834F67EEDCF07B
                                                                                                                                                                                                                                                                                                                                  SHA1:C66CBADA6BC1247311B0DA7FBD1C1D1C389941DD
                                                                                                                                                                                                                                                                                                                                  SHA-256:F32885BA6CD0C7397DFD11657CF5F158B095810EC6DB169A1E2683CCB92CD832
                                                                                                                                                                                                                                                                                                                                  SHA-512:DF7AB774223DF2D9415F355C2DF25CC54ADC45FB0FCD04CCD258B4781B60F0C90268628A17A82FCB0E24B17234BB0C488279CA980B012E594140AA2C84FD43E1
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....D.].........." ......................................................................`.............................................................d...T...............`..\P...P..p...........................................................p...H............data...Pw.......x..................@....text...A............z.............. ..`.reloc..\P...`...R...D..............@..B....................................V=..........................................................................................................................................................................................................................................................................................................................................................................................................,...<...@...............P.......@.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\11ac-0\EnableLoopback.exe

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (GUI) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):164352
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.725779110557342
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:ZBMFmR7AMaMjvmKrISaR7nuHXtFbAkxI6rKcyw:ZBJN+KrkRKHXtFbAkxI6m9w
                                                                                                                                                                                                                                                                                                                                  MD5:1799EB038905DCF58A714D8A2DA5A87B
                                                                                                                                                                                                                                                                                                                                  SHA1:70B718BC232D2A60C8EF3A31AAA05F1A2C0D7FF8
                                                                                                                                                                                                                                                                                                                                  SHA-256:FD838B4C265ADECFDD197975D17027AD511E334AB79F9BBC7D06C2198D6FCF34
                                                                                                                                                                                                                                                                                                                                  SHA-512:021BB279A72D5EE3AF70FF062ADB2AB054125EBC3867E56170FC3E5CB5E8A5953CCC1F4C2F40E57B1035D451555776BC0E65E5E7CC19FE10BC6328B54948C699
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d......f.........." ............................D.........................................`.................................................................@.......................p...8..............................................................H............data...............................@....text............................... ..`.reloc...............n..............@..B....................................~5...........................................................................................................................................................................................................................................................................................................................................................i..D....................................i..D...(...........................D...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1260-0\System.Design.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):12967936
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.234468979744749
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:98304:84hgEL2Xe6Bp7xHc+d52QeZkM3DxmrctbK9TVTyPY:8DECXe6BZ2PiMzxmrPTtyPY
                                                                                                                                                                                                                                                                                                                                  MD5:5037EB4274F960C7D3DF42EC86F13CC9
                                                                                                                                                                                                                                                                                                                                  SHA1:B2E4C4278E0FAEEE804C3949F878B8045071B255
                                                                                                                                                                                                                                                                                                                                  SHA-256:B4A14A1736596C5E34D6D808111BF915F2BEFA91D19626131628D51FAB05A8D2
                                                                                                                                                                                                                                                                                                                                  SHA-512:13C78C2AF35CCF4887A1205AD137D80156102317DACC2B1C1EB3B29EEBCA7B830E5960336EE989474ACE7ED336D30698DB3F83D4C183A56F1D9C2908CCF00497
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d...3>.].........." ..........................fED.........................................`........................................................... .4....C .P...................(p..8...........................................................@. .H............data...H...........................@....text....q.... ..r.................. ..`.reloc...............`..............@..B....................................~=...........................................................................................................................................................................................................................................................................................................................................................p.FD............................dpED...x..FD.../.......4................F.ED...................2.......

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1280-0\System.Web.RegularExpressions.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):309248
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.360685980376763
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:pMAUITIKRnpXiQ3pRsKh7jfg6WF4E4AZGmMZB9HCCD2A/MAkbm4j8W+4sIf8E:WQfRpiQ3pRsv4AXE9iCy1msL+4t
                                                                                                                                                                                                                                                                                                                                  MD5:CB84F8E411AC71C2D0EECA37723AD451
                                                                                                                                                                                                                                                                                                                                  SHA1:56FA220966B27EF79896658546E61931A1D84D9A
                                                                                                                                                                                                                                                                                                                                  SHA-256:C497D8E3EC0480F1407E192888AB274F76B3BC0C0DC9457FDEB5DADA132FB257
                                                                                                                                                                                                                                                                                                                                  SHA-512:3A18B54BC9D0F5D6C9F6F9500C923F0605C77F7A72600524DAEC38E5A6C1EE38F9C401AF8898D718F21A97A91D20F4322EED98683ACF171C2A6317E0826F3C41
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d...?>.].........." ..........................4ID.........................................`.................................................................|... .......................8...............................................................H............data...8e.......f..................@....text...BE.......F...h.............. ..`.reloc..............................@..B....................................~=...........................................................................................................................................................................................................................................................................................................................................................J8ID...S........................+4ID....J8ID...*...p... ................f4ID...".......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1408-0\System.Drawing.Design.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):404992
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.2201345508261285
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:bNtrZxoleg6hdiPzfz02+fGvzr3T+f6K7YbdlysJzTwKW+/DRO1JVvfNCcWcBCOg:bPboqyL0ILrEs3wxaSAY95lVEdt
                                                                                                                                                                                                                                                                                                                                  MD5:3BC9053A491AE9C5E3AE862373FC679D
                                                                                                                                                                                                                                                                                                                                  SHA1:51EA739760139FE79474B78547BB3EEE559F1CC4
                                                                                                                                                                                                                                                                                                                                  SHA-256:314B6079F077C5A5659B23E1DDC0E68556AD51B8AA7D0BF08957ECA777657164
                                                                                                                                                                                                                                                                                                                                  SHA-512:24953D777CE66B9CB20A540443C44499DB25565ECBEF1A10A22156F32567185196A75132985FDD029684DA284BE03759B87F33DEA878C50C397F7E8ED563ABE5
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....3.^.........." ..........................pGD............................P............`..........................................................p..`....|............... ..@*......8...........................................................`t..H............data...0S.......T..................@....text...b....p.......V.............. ..`.reloc..@*... ...,..................@..B....................................~=............................................................................................................................................................................................................................................................................................................................................................uGD...>................................uGD...*...p....................0qGD...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1454-0\System.Numerics.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):322048
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.392891962546257
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:hBDpWyVMldpnhY1sjSVQOFHpXZjXnZXG:jDpnM3nYGjSfdZ
                                                                                                                                                                                                                                                                                                                                  MD5:F4A8B8C2D4902B5FB537A3FDB0CEFF02
                                                                                                                                                                                                                                                                                                                                  SHA1:81FC51BF1BDF00E98EC99DBE45B663ABBAF63A3D
                                                                                                                                                                                                                                                                                                                                  SHA-256:70BA7B8E7F6901FB1B0DF6D0AD19A9499B204EA296E665D150AEB3B13B74E5D8
                                                                                                                                                                                                                                                                                                                                  SHA-512:A07B89F0E503A0A62C9C95CAA5C87B4EE6A66C08FE2BC7122A1A0E7D720ACDC2A57EA47B1F29B09275F10D02B5657B6AF337D936A24F5E00AF4932CA702DD133
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ...........................CD.........................................`.............................................................<......................L.......8...........................................................@...H............data... ...........................@....text...pQ.......R.................. ..`.reloc..L...........................@..B....................................~=...........................................................................................................................................................................................................................................................................................................................................................y.CD..............................CD....y.CD...)...,....................r.CD...G.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\172c-0\System.Runtime.Serialization.Formatters.Soap.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):353280
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.425396368012398
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:BZMm4oCgyJkTtlMmd0b6xOzens3mz13yN6F:Bb4oHYotl9dY6QzeQmRiwF
                                                                                                                                                                                                                                                                                                                                  MD5:FC1D15780A9C0DDDDF0612A01F5B7261
                                                                                                                                                                                                                                                                                                                                  SHA1:9BEC1F5F382227FA702C37C8E40ED46D0D95B59B
                                                                                                                                                                                                                                                                                                                                  SHA-256:DED32C661E8505F76AB0D65368A7293D6EC9A2FECA0A9075EF5A6550162EC98D
                                                                                                                                                                                                                                                                                                                                  SHA-512:39BE1B4923048A436032EAC10537A003FEF9A682698837D5BFF7AE353DD83C93AB09902B66D76C1F8211CA49A7515267EB88318537AD0C209F97F29DCA5BB44D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ...........................ID.........................................`.................................................................h...0............p.......f..8...............................................................H............data...............................@....text...Q........................... ..`.reloc.......p.......X..............@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................8.ID...1.................................ID...*...P....................m.ID...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1958-0\System.ComponentModel.DataAnnotations.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):355840
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.03203793127972
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:497+39tmdkuUIAezxwqk8SAq+Ymsx+ULDazdfLn4FqW+oSbVd9VwASmnlPoX4NKM:Btmdkud2D+Ylx3G4EM0Vv3lPDJ2T
                                                                                                                                                                                                                                                                                                                                  MD5:BA4160844257B64DBD4D7D3BCB929A10
                                                                                                                                                                                                                                                                                                                                  SHA1:FDD6F98C2D2C98A6453BDC6E40F16DBEF1BFC581
                                                                                                                                                                                                                                                                                                                                  SHA-256:40C08A7A140991B9412118DC5B0617044F30E62951586115B675A56EAA592E70
                                                                                                                                                                                                                                                                                                                                  SHA-512:802055BD1C55AD2B714D0F1252B70A20C408E353028356330DB3A4DB99A17C941226167475FC627AD3B10093BF8202F76E2748ED7CAFA9678E75339BB1BCBBB8
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d...B>.].........." ..........................b@D.........................................`..........................................................p.......}..|#...........`...!...X..8............................................................t..H............data...X_.......`..................@....text........p.......b.............. ..`.reloc...!...`..."...L..............@..B....................................~=............................................................................................................................................................................................................................................................................................................................................................g@D...W...............................`.g@D...+.......$...............@;c@D...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1c30-0\System.Data.SqlXml.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):3152896
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.29515288331552
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:49152:EIU0dluLBG8h0GOPNMuC+0WH7ph+7VaDzTKktX9:EtCl+RE/Ga
                                                                                                                                                                                                                                                                                                                                  MD5:4030102C5FF5DFF4B96DBFADDE92E6D7
                                                                                                                                                                                                                                                                                                                                  SHA1:38CEB414A87C65B7D9C76F931EAF671648F89D77
                                                                                                                                                                                                                                                                                                                                  SHA-256:1FF3C397F1C738A84075707B34E3A217177438055BA4A8E76E206940044B3CBC
                                                                                                                                                                                                                                                                                                                                  SHA-512:74D824227D3C591FE6B32660CBDC5016B1D664DCBFE1C9E46A179B33764C12830D7F48E40E57D178074F654CFD9BD9B5733F34C286BC217856079F044410E05E
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ...........................ED............................@0...........`..........................................................P..L.......x............ /......./.8...........................................................PT..H............data....3.......4..................@....text...G.$..P....$..6.............. ..`.reloc....... /......./.............@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................PzEED...........................P..ED....}EED...-........................F"ED...e.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1c44-0\System.Deployment.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):3131904
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.11376661230697
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24576:z8Zs7WSTYOk6X5XZOa9gwlmZhnjYnIBuU8vAHD0a+4jsDY9d/DBuI:z87+EZhjYnIBuU8vYD0a+4jM
                                                                                                                                                                                                                                                                                                                                  MD5:BB1EB29E13AF480E895544B82B26C087
                                                                                                                                                                                                                                                                                                                                  SHA1:86C739642878AF3B1FA8C612535167647B470849
                                                                                                                                                                                                                                                                                                                                  SHA-256:E905E1AC5B9582207004FF4F595F28B164631E5090048103706A203D93B1E1EF
                                                                                                                                                                                                                                                                                                                                  SHA-512:70B0A46DFE099F93C56095FD9BBEE994A23DF92EE96A055A6F1058DD7DA5230D19B7FC22EC205913A19DBF1344B9EC0E3ACE5F9D7A922EF510C48D18EF6183B4
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d.....R_.........." ..........................2ED............................./...........`.............................................................\...`................P/.@....D/.8...........................................................`...H............data...............................@....text.....).......)................. ..`.reloc..@....P/......:/.............@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................t.^ED...+...............................|.^ED.............................6ED...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1c68-0\System.Deployment.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):3131904
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.11376661230697
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24576:z8Zs7WSTYOk6X5XZOa9gwlmZhnjYnIBuU8vAHD0a+4jsDY9d/DBuI:z87+EZhjYnIBuU8vYD0a+4jM
                                                                                                                                                                                                                                                                                                                                  MD5:BB1EB29E13AF480E895544B82B26C087
                                                                                                                                                                                                                                                                                                                                  SHA1:86C739642878AF3B1FA8C612535167647B470849
                                                                                                                                                                                                                                                                                                                                  SHA-256:E905E1AC5B9582207004FF4F595F28B164631E5090048103706A203D93B1E1EF
                                                                                                                                                                                                                                                                                                                                  SHA-512:70B0A46DFE099F93C56095FD9BBEE994A23DF92EE96A055A6F1058DD7DA5230D19B7FC22EC205913A19DBF1344B9EC0E3ACE5F9D7A922EF510C48D18EF6183B4
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d.....R_.........." ..........................2ED............................./...........`.............................................................\...`................P/.@....D/.8...........................................................`...H............data...............................@....text.....).......)................. ..`.reloc..@....P/......:/.............@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................t.^ED...+...............................|.^ED.............................6ED...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1cd8-0\System.Data.SqlXml.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):3152896
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.29515288331552
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:49152:EIU0dluLBG8h0GOPNMuC+0WH7ph+7VaDzTKktX9:EtCl+RE/Ga
                                                                                                                                                                                                                                                                                                                                  MD5:4030102C5FF5DFF4B96DBFADDE92E6D7
                                                                                                                                                                                                                                                                                                                                  SHA1:38CEB414A87C65B7D9C76F931EAF671648F89D77
                                                                                                                                                                                                                                                                                                                                  SHA-256:1FF3C397F1C738A84075707B34E3A217177438055BA4A8E76E206940044B3CBC
                                                                                                                                                                                                                                                                                                                                  SHA-512:74D824227D3C591FE6B32660CBDC5016B1D664DCBFE1C9E46A179B33764C12830D7F48E40E57D178074F654CFD9BD9B5733F34C286BC217856079F044410E05E
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ...........................ED............................@0...........`..........................................................P..L.......x............ /......./.8...........................................................PT..H............data....3.......4..................@....text...G.$..P....$..6.............. ..`.reloc....... /......./.............@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................PzEED...........................P..ED....}EED...-........................F"ED...e.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1cec-0\System.Security.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1010176
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.390647351452728
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:MsieoGzXs1r/4M7Km80TR+m1ML71n6VS3fQoL1iqqkQyW:MFqur980Twm1MN13YC
                                                                                                                                                                                                                                                                                                                                  MD5:F1F2CE62E1C36B6EB1E64FA2085D738E
                                                                                                                                                                                                                                                                                                                                  SHA1:299A4D69367A2F96571976EB0A6A8D3C9727F870
                                                                                                                                                                                                                                                                                                                                  SHA-256:967DD73C7EE643E2D03F8F82F8EFF0712CA8AA71AD1E5EBF1D89EA2C7BEDF1E0
                                                                                                                                                                                                                                                                                                                                  SHA-512:716D0B81FECB9F20CE8124DB49B9CBF95A19330912BBA5FC21FA4A72FB24F9259A2A2AE19D00AA6A334F1AEE4632DA0AFAC5A35A14825338D5DCC4A0897B70A3
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d...p.O_.........." ...........................ID.........................................`.............................................................P........S...........@...:...9..8...........................................................P...H............data...H...........................@....text............................... ..`.reloc...:...@...<..................@..B....................................~=...........................................................................................................................................................................................................................................................................................................................................................+.ID...........................Hv.ID...L-.ID...,.......T...............`.ID... .......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1e44-0\System.Security.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1010176
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.390647351452728
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:MsieoGzXs1r/4M7Km80TR+m1ML71n6VS3fQoL1iqqkQyW:MFqur980Twm1MN13YC
                                                                                                                                                                                                                                                                                                                                  MD5:F1F2CE62E1C36B6EB1E64FA2085D738E
                                                                                                                                                                                                                                                                                                                                  SHA1:299A4D69367A2F96571976EB0A6A8D3C9727F870
                                                                                                                                                                                                                                                                                                                                  SHA-256:967DD73C7EE643E2D03F8F82F8EFF0712CA8AA71AD1E5EBF1D89EA2C7BEDF1E0
                                                                                                                                                                                                                                                                                                                                  SHA-512:716D0B81FECB9F20CE8124DB49B9CBF95A19330912BBA5FC21FA4A72FB24F9259A2A2AE19D00AA6A334F1AEE4632DA0AFAC5A35A14825338D5DCC4A0897B70A3
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d...p.O_.........." ...........................ID.........................................`.............................................................P........S...........@...:...9..8...........................................................P...H............data...H...........................@....text............................... ..`.reloc...:...@...<..................@..B....................................~=...........................................................................................................................................................................................................................................................................................................................................................+.ID...........................Hv.ID...L-.ID...,.......T...............`.ID... .......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1edc-0\Microsoft.Build.Framework.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):565760
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.538643576749173
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:hGUXwpYLMFGfB2l7Ef8nhCh8Mi6E8u6EhwccvjkMis:kL7q8nxMK/6ltis
                                                                                                                                                                                                                                                                                                                                  MD5:5AD0DE1C1276D24B20274B058F24F82F
                                                                                                                                                                                                                                                                                                                                  SHA1:CCEE2D95882E4E7928558B29EADCCD6424543474
                                                                                                                                                                                                                                                                                                                                  SHA-256:FE8B24C39149ECF016FC883F2768B27DEE56100C6E79EAB0CE573B5C299281E3
                                                                                                                                                                                                                                                                                                                                  SHA-512:F4634EC83177E9CE8AE968185D35E87B3F8B2BE302ADA98A86152DD7A13DCCE0BBE3E947A36D1B3D6955455A03CC21BCC8FD6781CC1F94BC2B841F805B4AEA1F
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ...........................8D.........................................`.................................................................@,..81...........P...f..0M..8...............................................................H............data...............................@....text............................... ..`.reloc...f...P...h...:..............@..B....................................~=.......................................................................................................................................................................................................................................................................................................................................................... ..8D...d...............N.......H..8D......8D...+.......(............... q.8D...a...............).......

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\1f24-0\System.Runtime.Serialization.Formatters.Soap.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):353280
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.425396368012398
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:BZMm4oCgyJkTtlMmd0b6xOzens3mz13yN6F:Bb4oHYotl9dY6QzeQmRiwF
                                                                                                                                                                                                                                                                                                                                  MD5:FC1D15780A9C0DDDDF0612A01F5B7261
                                                                                                                                                                                                                                                                                                                                  SHA1:9BEC1F5F382227FA702C37C8E40ED46D0D95B59B
                                                                                                                                                                                                                                                                                                                                  SHA-256:DED32C661E8505F76AB0D65368A7293D6EC9A2FECA0A9075EF5A6550162EC98D
                                                                                                                                                                                                                                                                                                                                  SHA-512:39BE1B4923048A436032EAC10537A003FEF9A682698837D5BFF7AE353DD83C93AB09902B66D76C1F8211CA49A7515267EB88318537AD0C209F97F29DCA5BB44D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ...........................ID.........................................`.................................................................h...0............p.......f..8...............................................................H............data...............................@....text...Q........................... ..`.reloc.......p.......X..............@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................8.ID...1.................................ID...*...P....................m.ID...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\240-0\SMDiagnostics.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):145920
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.949829508134219
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:8F3LDGvbhYT+DNHwx/VJ6D27dsKEeFx1wJC1:CPGSTPVJ6y7FEQxD
                                                                                                                                                                                                                                                                                                                                  MD5:489C0AE7398CA1D606CFB3DAEE939D0F
                                                                                                                                                                                                                                                                                                                                  SHA1:ABD74E700489661FD98046C8FF0201A321C900FE
                                                                                                                                                                                                                                                                                                                                  SHA-256:24B69E9DE454D8E48BE57B34ED5CB027B8F85F2EA7F20A5B10AA8C26D39F550E
                                                                                                                                                                                                                                                                                                                                  SHA-512:F6B5AFFF78E3FA9DD5B185FAEAAF38104B9F5167E032042B31C5EB5EB90125D941BAA5A9B2541F85DD15C0DF26C85D33F49A0E553F323D32639ABFEF8A9F0988
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....1.b.........." .........................., D............................P............`.............................................................D....................@..p...4>..8...........................................................P...H............data...............................@....text............................... ..`.reloc..p....@.......*..............@..B....................................~=............................................................................................................................................................................................................................................................................................................................................................. D... ........................A, D...... D...)...<...................(|, D...~.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\604-0\System.Web.ApplicationServices.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):113152
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.63212387656457
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:P3V/0aLnBbvA3uDIoVQk7opKCRA6AKfteWr7PJje4OX1GJgpZKz1sbHmf+g+cPL7:tGJzWbJpcPLDQIH/dDIR6cWoyRFYAR
                                                                                                                                                                                                                                                                                                                                  MD5:ADC6A889E314AD8944818F51C2BC48EE
                                                                                                                                                                                                                                                                                                                                  SHA1:BDA35706FDE7C38CD084143706C2BE0C088141DB
                                                                                                                                                                                                                                                                                                                                  SHA-256:D03557A676F5752F0144AA242C6D2F61C5AB37C9B68AFC0C84F8633D267C855C
                                                                                                                                                                                                                                                                                                                                  SHA-512:9F3433040B51B7AEDDB2A4F0AAA36E9C8E8A520132D998C969C6166ADDEF6510008ECECF25AEDEC8C9E9C6AB91C6F7F49CC45E22CA14BE205F1B9204F5F6510D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d...#..b.........." ..........................xID.........................................`.................................................................,...........................8...............................................................H............data....j.......l..................@....text....@.......B...n.............. ..`.reloc..............................@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................L.yID...........................X>xID...t.yID...)...(...................pixID...a.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\744-0\Microsoft.JScript.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):2844160
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.62746694654847
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:49152:Kd6HVKGum20+06HDN/fPwDbEgqVUa3UFFx3x6/OwH9u6wAZj8dl6e4sK:KwHVKqsHRwDbEgqVUa3UFFx3b68l63s
                                                                                                                                                                                                                                                                                                                                  MD5:B5199F7B846A2F8DFA05CE43F61175D6
                                                                                                                                                                                                                                                                                                                                  SHA1:432DF95A7EF646CC814B1BED52938E3880B59240
                                                                                                                                                                                                                                                                                                                                  SHA-256:0EE39143B7EEA8EFD91304C0636A6535B92F50AA802F447D692C21497594720B
                                                                                                                                                                                                                                                                                                                                  SHA-512:59B9884F87AAF458BAF4B38A521B1EC812A232100C65C7898B4497ACF96A1EE200CF732E41485EFE8FFBB4B35DE3FA83D0196E684F9D6C9DB32497E5A12C3565
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ...........................<D.............................+...........`..........................................................P.......]..L.............+..n....+.8............................................................S..H............data....<.......>..................@....text.....&..P....&..@.............. ..`.reloc...n....+..p....*.............@..B....................................~=.............................................................................................................................................................................................................................................................................................................................................................<D...c...............................L..<D...-........................+.<D...o.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\780-0\System.Runtime.Caching.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):305664
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.094303618906386
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:d5GBn2kdsVADZBWTe3xNArJpjdhd9X0spSMehIpUkF5Gqildq06/E3fzkBotD8/o:d5GBn2FmDh3yDoMeqByM066zIeQC
                                                                                                                                                                                                                                                                                                                                  MD5:DEB2C19197E42EDDC1636E8D069EAFFE
                                                                                                                                                                                                                                                                                                                                  SHA1:862ACCF42F307FC39B2C7A472415194F4AD88BFB
                                                                                                                                                                                                                                                                                                                                  SHA-256:FAD873D6DB1B3043A3EF804C08549FB9F74BE615FF2D452C820050CACED8BC19
                                                                                                                                                                                                                                                                                                                                  SHA-512:92408CBB745129D280D883E5F7D0F0CDE92D3D4A40C53D449CD28841D0B35BE0191E2BEA21F1F2040EB31137A6954EEF07208C38B6318A94B1B29887561502F8
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ..........................|ID.........................................`.............................................................l....... ...............$......8...........................................................p...H............data...............................@....text...w........................... ..`.reloc..$...........................@..B....................................~=...........................................................................................................................................................................................................................................................................................................................................................G.ID...F........................R|ID....G.ID...*...|...................(.|ID...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\a58-0\System.DirectoryServices.Protocols.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):560128
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.304697940061689
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:wEkyX9pdLmY7HIxei7jyp+Cq8sB0Gk3vkpMMtyNGCqE:wEkUpoS6j1lk3QMMI5q
                                                                                                                                                                                                                                                                                                                                  MD5:AF33F9F3186D1F551644B658C539BB35
                                                                                                                                                                                                                                                                                                                                  SHA1:46CFA129A2D0859B3F58A2944BC7046C2CFD34B3
                                                                                                                                                                                                                                                                                                                                  SHA-256:EC76AA7794A431F600FB45A11E04189AB69F61EA84F459AD7130F283480EE8EE
                                                                                                                                                                                                                                                                                                                                  SHA-512:9D0EA6D53059B0562117CA2C53AD47D4EA162AF52ABAC04E3A25F0B0EB419BBAE32FE0534374F082C77A14C414BA9D757E68E15C78A63D6B99C307BD6707F396
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d...8>.].........." ..........................bGD.........................................`..........................................................`.......l...2...................}..8............................................................d..H............data...0J.......L..................@....text...g....`... ...N.............. ..`.reloc...............n..............@..B....................................~=............................................................................................................................................................................................................................................................................................................................................................iGD.....................................iGD...,.......8.................cGD...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\b18-0\System.Web.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):16944640
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.423837005716663
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:98304:8SziAtOTrARuiqZmUifJaj3KyEGx6gIavGM5UTvCYiko5NGcFCCUL9npKP/5UUD2:r2yuiqEZfJo6jPmYikovGYP/HYIRj
                                                                                                                                                                                                                                                                                                                                  MD5:E9E08604934E84C7EDE246B2102A3DD1
                                                                                                                                                                                                                                                                                                                                  SHA1:63F2ECA3AE7BAA5C8970AC904EC648C42041555A
                                                                                                                                                                                                                                                                                                                                  SHA-256:A3F31A910EA9AAB8D60E92BAD40D0E66031E067DF6DA4A25BFB5093485991B65
                                                                                                                                                                                                                                                                                                                                  SHA-512:1C5C2E6FD1AE6785C5A35A2288215677A8130F97C1BB1C07F7DFC3185283784DBFD6B28DACC466E7927CE583BE18273C7527E19DD40027516B83FBB23C14E383
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d......b.........." ............................D.........................................`..........................................................P..8.....=..c...........p.../..pi..8...........................................................@T..H............data....?.......@..................@....text........P.......B.............. ..`.reloc.../...p...0...^..............@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................D...D...........................h6..D.......D...0....................... .0.D...A...............`.......

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\b64-0\System.ServiceModel.Internals.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1002496
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.1945884091156955
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:hOe5y8vRt6KkH6VKnaScs0R9X8K9350+yWf/kiG5ncrVV1F7SfxHqGb:hzd7VwaScs0HX8K93Rcimfx
                                                                                                                                                                                                                                                                                                                                  MD5:87C2E5675D1A78942E3920CB0D1A979C
                                                                                                                                                                                                                                                                                                                                  SHA1:637D94B5CADB3AB023855514F4B039BB9C492C80
                                                                                                                                                                                                                                                                                                                                  SHA-256:610CC0ED6885CCA275845688F8ABBD5F6656C31507CDB967776D17A6E0529F16
                                                                                                                                                                                                                                                                                                                                  SHA-512:E58346BCCBFA7AE4759E70E774C69C3D044345B4B785C74448CF7D9C36BE4CE770E4297B6ADE2CD680838EB2D3917BA37528A19D3BE8060CA131C709E7033B81
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....1.b.........." ..........................N&D............................p............`..........................................................@......8....N..............xp......8............................................................D..H............data....*.......,..................@....text...N....@...................... ..`.reloc..xp.......r..................@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................H.[&D...................,........PO&D.....[&D...,.......D...............p7Q&D...........................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\bb0-0\System.EnterpriseServices.Wrapper.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (GUI) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):350208
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.360984736881725
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:OhE8gQgd1a+JaRp7+1+aCfXliDapJjIz5oWM+VqFIuKxWZjWLHrKy8Y9WyafZiBj:OU+hKOWM+VqFIuKY1s9Wd8BkQP
                                                                                                                                                                                                                                                                                                                                  MD5:231B6E73760607A712F05F54052EE2A1
                                                                                                                                                                                                                                                                                                                                  SHA1:0FCE19AFDA7E30F43835E07B2DCCE6C0EBCE1ECC
                                                                                                                                                                                                                                                                                                                                  SHA-256:9C6C6F2D33CBB2B5A2E7E92634B0014771F3A4989D260400965A0396D4243B22
                                                                                                                                                                                                                                                                                                                                  SHA-512:E599EAF22F95D44B8CF6FC34A0692B0EE7EB622690FDF25B79E03AC4E9BEABCA3D078AD6AC3294DFD712AE0EC14D269126C89035B4441109EE07F743291F9148
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d...|A.].........." .........................................................p............`.................................................................T................@..\*...5..p...............................................................H............data...8m.......n..................@....text................p.............. ..`.reloc..\*...@...,...,..............@..B....................................~=..................................................................................................................................................................................................................................................................................................................................................................................................T.......-.......................(S......U.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\bb0-0\System.EnterpriseServices.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1016832
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.340122325887443
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:sUiQLhc+zmU0Z1XbQuPnQfPCbSa3H/H92nVnRs3OdZmFlCdzgr9NPDzjc3i:snQI1LPnQH4SihpDE3
                                                                                                                                                                                                                                                                                                                                  MD5:9D234EF1B5DE22E0AC4EF0DAD58536A4
                                                                                                                                                                                                                                                                                                                                  SHA1:172F24A4403F11407C77BFC47E1B4A7681E39FCB
                                                                                                                                                                                                                                                                                                                                  SHA-256:AF11FE05876110ADDD9721C43DA6AB53D404B9B39954631DC5B08C8EAD89F933
                                                                                                                                                                                                                                                                                                                                  SHA-512:51B36D47B006D46271F7D07577C74A212B17AC5DEA14AC126C4FD6F1744F021A311F1CD60277945C896B44600D44D1F894AB73E809325C40F8ADC78A78700889
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....C.].........." ............................D.........................................`.................................................................(...4h...........`..\D...W..8...............................................................H............data...............................@....text....Y.......Z.................. ..`.reloc..\D...`...F...>..............@..B....................................~=............................................................................................................................................................................................................................................................................................................................................................!.D...............................D.....!.D...-.......\...................D...!.......................

                                                                                                                                                                                                                                                                                                                                  C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\c0c-0\Microsoft.Build.Utilities.v4.0.dll

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1058816
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.203026143182572
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:oxXATT6aRXqpoOwlUi2XBOqZP/H5ybilaLHxCb4HJdVOSI6A+cHkT:oW6aRXMhwlUiwLvxyxCb4HJdUSIF+
                                                                                                                                                                                                                                                                                                                                  MD5:21C2A94087BC18781CC145190D7ABE44
                                                                                                                                                                                                                                                                                                                                  SHA1:408D53E9E61CADD6BC9676FC5E50D0C4DFB3606C
                                                                                                                                                                                                                                                                                                                                  SHA-256:A9B64A301B343080F13709BB24808E8CFB4E84D714E0DA38DF72E92DC7E9280A
                                                                                                                                                                                                                                                                                                                                  SHA-512:6E654E51327C1C350568A127EAA25F8D0A3D192BE77AE642566C440FADCFD10B592539D0CFA72938831B9EF4D08B480B653FC56E9A7963357A631E96A0C1DA9D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@.......................................................................................................PE..d....>.].........." ...........................8D............................P............`.......................................................... ......t]..xQ...............i..\...8............................................................$..H............data...............................@....text....... ...................... ..`.reloc...i.......j..................@..B....................................~=..........................................................................................................................................................................................................................................................................................................................................................P..8D...{...............(..........8D...P..8D...,.......,................p.8D...................2.......

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 272

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (46429), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):46430
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.303853365298302
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:OaOFhhR5OIahpjfRys3LzQR04TYYyDMOWPKQ:OaOFnRqDRtzQ64IfWiQ
                                                                                                                                                                                                                                                                                                                                  MD5:72BCA04FD669EB89FC65D59052D0FC00
                                                                                                                                                                                                                                                                                                                                  SHA1:27E60AEF86F0CB1B2F6B6ED9DF9A4E3BA88EFD21
                                                                                                                                                                                                                                                                                                                                  SHA-256:823804A7807864B44093A3843788F4CD076E89CF4A6FDEB8D153AE5C2C2DF721
                                                                                                                                                                                                                                                                                                                                  SHA-512:56058E4C927563CA37DEC4979AF28A415EA3042A389C0BA22738C76D39131317A703A38A95EAB9D913F116F7C2D1DA62A0A87750F47DECA2DDB3447D64303B12
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://bat.bing.com/bat.js
                                                                                                                                                                                                                                                                                                                                  Preview:function UET(o){this.stringExists=function(n){return n&&n.length>0};this.domain="bat.bing.com";this.domainCl="bat.bing.net";this.URLLENGTHLIMIT=4096;this.pageLoadEvt="pageLoad";this.customEvt="custom";this.pageViewEvt="page_view";o.Ver=o.Ver!==undefined&&(o.Ver==="1"||o.Ver===1)?1:2;this.uetConfig={};this.uetConfig.consent={enabled:!1,adStorageAllowed:!0,adStorageUpdated:!1,hasWaited:!1,waitForUpdate:0};this.uetConfig.tcf={enabled:!1,vendorId:1126,hasLoaded:!1,timeoutId:null,gdprApplies:undefined,adStorageAllowed:undefined,measurementAllowed:undefined,personalizationAllowed:undefined};this.beaconParams={};this.supportsCORS=this.supportsXDR=!1;this.paramValidations={string_currency:{type:"regex",regex:/^[a-zA-Z]{3}$/,error:"{p} value must be ISO standard currency code"},number:{type:"num",digits:3,max:999999999999},integer:{type:"num",digits:0,max:999999999999},hct_los:{type:"num",digits:0,max:30},date:{type:"regex",regex:/^\d{4}-\d{2}-\d{2}$/,error:"{p} value must be in YYYY-MM-DD date

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 273

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):206519
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.29417172882611
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:gzBG80xEYJCEI3s1Y/H6iW3Kfzo2OL6ykU9tuqH3vRuSSlYRqp9R7B:CBwSYJCZ8qDO5kUHOlYQ/R7B
                                                                                                                                                                                                                                                                                                                                  MD5:CC3FA0EACE0361F26D862AED38BAE88B
                                                                                                                                                                                                                                                                                                                                  SHA1:A3E5256F35487D60D3745AB93F841D2A97027B18
                                                                                                                                                                                                                                                                                                                                  SHA-256:415255C5F39C7FF4E07687518C0EECA229BE0373F1990E9E4F166A1F9FD45629
                                                                                                                                                                                                                                                                                                                                  SHA-512:A3F0EDBB33BD204CD15C120245B63F6C73F06F81AF2D69ACA290D46D95F10F1A16B52C6A6AB1B1A9ACEBCE45F026DC178660E42096966C51DCF612F707D22810
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://cdn.cookielaw.org/consent/3dfce4f2-dab6-4128-9f33-df7e0597da82/8b69118b-3606-49f3-8c41-2718141b484d/en.json
                                                                                                                                                                                                                                                                                                                                  Preview:{"DomainData":{"pccloseButtonType":"Icon","pclifeSpanYr":"Year","pclifeSpanYrs":"Years","pclifeSpanSecs":"A few seconds","pclifeSpanWk":"Week","pclifeSpanWks":"Weeks","pccontinueWithoutAcceptText":"Continue without Accepting","MainText":"Privacy Preference Center","MainInfoText":"When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalised web experience.\n\nBecause we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.","AboutText":"More information","AboutCookiesText":"Your

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 274

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):4850
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.970526993126406
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:96:npyIN40wawOxa6upiyCBHxYa6AygijMjVjJjeW5hp0F:FkawMZSiyM6vgG8dJtLS
                                                                                                                                                                                                                                                                                                                                  MD5:7F07B81C4381106F15263E225FEB5F66
                                                                                                                                                                                                                                                                                                                                  SHA1:4562904593887507207FCCE5C537707E9DCD1CF3
                                                                                                                                                                                                                                                                                                                                  SHA-256:E030DB2E4F035CA98047DF2E3B362FC68A2405C5CA5292AB2106116B97792182
                                                                                                                                                                                                                                                                                                                                  SHA-512:88175689FCE4898927092CA48D00906A2E0315EED24A5E55BCD214D96A077A1232DBD8588B1BB50C68094F869BB665B85D22B7C49687F3B4E44E3B9F105FB9A4
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:{"CookieSPAEnabled":false,"CookieSameSiteNoneEnabled":false,"CookieV2CSPEnabled":false,"MultiVariantTestingEnabled":false,"UseV2":true,"MobileSDK":false,"SkipGeolocation":false,"ScriptType":"PRODUCTION","Version":"202401.2.0","OptanonDataJSON":"3dfce4f2-dab6-4128-9f33-df7e0597da82","GeolocationUrl":"https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location","BulkDomainCheckUrl":"https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck","RuleSet":[{"Id":"c3495855-ffc3-4e68-811b-b5d8201ac53c","Name":"California","Countries":[],"States":{"us":["ca"]},"LanguageSwitcherPlaceholder":{"default":"en"},"BannerPushesDown":false,"Default":false,"Global":false,"Type":"GDPR","UseGoogleVendors":false,"VariantEnabled":false,"TestEndTime":null,"Variants":[],"TemplateName":"GDPR Template - Telerik.Com - Non EU","Conditions":[],"GCEnable":false,"IsGPPEnabled":false,"EnableJWTAuthForKnownUsers":false},{"Id":"7be79de2-14b0-4002-a6d6-0b9dabd1281e","Name":"EU","Countries":["de","no","be","fi",

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 275

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (2859), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):2859
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.93731799136189
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:48:Ego2Y+iKasKEIzUtJQSIZyaQqe3q7SWWdCC6jykt083E+EetrGyfn/9yyuS7Rjp6:wsbSUtJfxrqLWWWdV6j1jZEes6MS7RM
                                                                                                                                                                                                                                                                                                                                  MD5:4E05027260CD376520F380A6403B363D
                                                                                                                                                                                                                                                                                                                                  SHA1:4CDA9F0C9289D9D6140E126CE6A9289B26FCF80C
                                                                                                                                                                                                                                                                                                                                  SHA-256:72DC697AA83BB5146E867F77E5A6ECEC5E2F76F91371C31633CDE120A5031A55
                                                                                                                                                                                                                                                                                                                                  SHA-512:C5F5D96FE49A0A11D03D3A2FE07EF155B971580CBD58107722449EFE6330DEC9C30E57920446279C9FDBF9CB87D5324032194F08995C83127792D4D6311D0C80
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.googleadservices.com/pagead/conversion/975652292/?random=1713914991222&cv=11&fst=1713914991222&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&rfmt=3&fmt=4
                                                                                                                                                                                                                                                                                                                                  Preview:(function(){var s = {};(function(){var e={};/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ var f=this||self;var g,k;a:{for(var l=["CLOSURE_FLAGS"],p=f,q=0;q<l.length;q++)if(p=p[l[q]],null==p){k=null;break a}k=p}var r=k&&k[610401301];g=null!=r?r:!1;var t,v=f.navigator;t=v?v.userAgentData||null:null;function w(d){return g?t?t.brands.some(function(a){return(a=a.brand)&&-1!=a.indexOf(d)}):!1:!1}function x(d){var a;a:{if(a=f.navigator)if(a=a.userAgent)break a;a=""}return-1!=a.indexOf(d)};function y(){return g?!!t&&0<t.brands.length:!1}function z(){return y()?w("Chromium"):(x("Chrome")||x("CriOS"))&&!(y()?0:x("Edge"))||x("Silk")};!x("Android")||z();z();!x("Safari")||z()||(y()?0:x("Coast"))||(y()?0:x("Opera"))||(y()?0:x("Edge"))||(y()?w("Microsoft Edge"):x("Edg/"))||y()&&w("Opera");var A=/#|$/;function B(d){var a=d.search(A),b;a:{for(b=0;0<=(b=d.indexOf("fmt",b))&&b<a;){var c=d.charCodeAt(b-1);if(38==c||63==c)if(c=d.charCodeAt(b+3),!c||61==c||38==c||35==c)br

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 276

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (57671), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):57671
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.406436595808325
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:buM99dAoLYPNh7S5BTF94zGnSJpSFD2No5/g:buMdAVNiTF94zGnSJpSFDr5/g
                                                                                                                                                                                                                                                                                                                                  MD5:BBBCF811D8437A575D796A4C1E5D4FAD
                                                                                                                                                                                                                                                                                                                                  SHA1:CCE821AAE4F2B8982D9C08B308FB5306945EA68E
                                                                                                                                                                                                                                                                                                                                  SHA-256:4D15FF2317E16CCD8CA1D3248FEA7D91130E022369BB032824A84AD9967064DF
                                                                                                                                                                                                                                                                                                                                  SHA-512:6D0E3E9079DB4C175F0E8EC0279E9A89DF786D226685C0764AB20179D69E19CA269E8CC40646A97D31F95597654EC869472358BB72071011DF3410FC32E501C0
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://static.ads-twitter.com/uwt.js
                                                                                                                                                                                                                                                                                                                                  Preview:!function(){var t={6173:function(t,e,n){var r;t.exports=(r=r||function(t,e){var r;if("undefined"!=typeof window&&window.crypto&&(r=window.crypto),"undefined"!=typeof self&&self.crypto&&(r=self.crypto),"undefined"!=typeof globalThis&&globalThis.crypto&&(r=globalThis.crypto),!r&&"undefined"!=typeof window&&window.msCrypto&&(r=window.msCrypto),!r&&void 0!==n.g&&n.g.crypto&&(r=n.g.crypto),!r)try{r=n(2480)}catch(t){}var i=function(){if(r){if("function"==typeof r.getRandomValues)try{return r.getRandomValues(new Uint32Array(1))[0]}catch(t){}if("function"==typeof r.randomBytes)try{return r.randomBytes(4).readInt32LE()}catch(t){}}throw new Error("Native crypto module could not be used to get secure random number.")},o=Object.create||function(){function t(){}return function(e){var n;return t.prototype=e,n=new t,t.prototype=null,n}}(),a={},c=a.lib={},u=c.Base={extend:function(t){var e=o(this);return t&&e.mixIn(t),e.hasOwnProperty("init")&&this.init!==e.init||(e.init=function(){e.$super.init.apply

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 277

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (47091), with NEL line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):258132
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.32588906932293
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:yOv9w8sHB+vOvWfwEykvWsuaGA8bGp2wIb+qA9oSB4FL3zld:aHwvOvWfwEykvWsu5bSmN
                                                                                                                                                                                                                                                                                                                                  MD5:308500459B9759FC41AD117E0012A056
                                                                                                                                                                                                                                                                                                                                  SHA1:4666B7B10226B39C77768062C69B31C53897F9D3
                                                                                                                                                                                                                                                                                                                                  SHA-256:C66C84FC192CCC5EECD49AE95CC1420506BEDFE2AFF6CFDD9B5795AE59B58460
                                                                                                                                                                                                                                                                                                                                  SHA-512:E5B7901EFDDB995250237DDD81202A5552D1E1455BABC0FD40C338020E00757142FC16ECC79C6631308625F958D46A504AC67A198ED974CAA501D5CE94D56FEA
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://dtzbdy9anri2p.cloudfront.net/cache/4666b7b10226b39c77768062c69b31c53897f9d3/telerik/js/dist/all.min.js
                                                                                                                                                                                                                                                                                                                                  Preview:!function(O){"use strict";var U,e,D,V,N,B,H,W,q,F,K="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};function z(t){var e=7.5625,n=2.75;return t<1/n?e*t*t:t<2/n?e*(t-=1.5/n)*t+.75:t<2.5/n?e*(t-=2.25/n)*t+.9375:e*(t-=2.625/n)*t+.984375}(U=O).easing.jswing=U.easing.swing,e=Math.pow,D=Math.sqrt,V=Math.sin,N=Math.cos,B=Math.PI,W=1.525*(H=1.70158),q=2*B/3,F=2*B/4.5,U.extend(U.easing,{def:"easeOutQuad",swing:function(t){return U.easing[U.easing.def](t)},easeInQuad:function(t){return t*t},easeOutQuad:function(t){return 1-(1-t)*(1-t)},easeInOutQuad:function(t){return t<.5?2*t*t:1-e(-2*t+2,2)/2},easeInCubic:function(t){return t*t*t},easeOutCubic:function(t){return 1-e(1-t,3)},easeInOutCubic:function(t){return t<.5?4*t*t*t:1-e(-2*t+2,3)/2},easeInQuart:function(t){return t*t*t*t},easeOutQuart:function(t){return 1-e(1-t,4)},easeInOutQuart:function(t){return t<.5?8*t*t*t*t:1-e(-2*t+2,4)/2},easeInQuint:funct

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 278

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Web Open Font Format (Version 2), TrueType, length 12164, version 1.0
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):12164
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.978728112666553
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:75IBTiJL4Nk1XEvuepXsedpiJd9h29PiRDh6yOjtXLfeVk4W4V8JfJgs4BjG4zl5:76oL4Nk1SiJd9h0SDAJy8JBDFW5
                                                                                                                                                                                                                                                                                                                                  MD5:1F6951E7DE6DE6B3FC50EAB45ABC685B
                                                                                                                                                                                                                                                                                                                                  SHA1:5F6F40BEFA93A6096E5390B231E427E31B424724
                                                                                                                                                                                                                                                                                                                                  SHA-256:0F5CB72CE1434872D6D0D311CB122ADF519A86AC6D913A6ECC424325C5DB5775
                                                                                                                                                                                                                                                                                                                                  SHA-512:AF7960E6ACB23E406DFFB1D2E576C2BB763AB86F0CEC28895C44F03A1522C62CA49A0CF48E5D1851F5AFEC5F2416B5B6FDB8F459FB85A693A5D8FAD66B14C651
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://dtzbdy9anri2p.cloudfront.net/cache/b6ce06a57a51347c21d7af30873baa8620408fd6/telerik/iconfont/tlrk-icon-font-dc6cff9dd8.woff2
                                                                                                                                                                                                                                                                                                                                  Preview:wOF2....../.......l.../2.........................T.V.. ...T....6.$..(..V.. ..^..-..^e..l..#."*V.(J.....ic...S...b"T.R../..x..-."zR.......... ....3u<n..L...?....3..].vHR4!.5w/3Du.i+.B.W......Ch......}!$....~.Z.I.D...i.e.n......~.........8..jrx^.^..#.;..g"$".L.#.P!F"!T.]..5V[jt...G..@.R.>....]C'i.......!:....N........O.,......Z3.....q.6.a.....;....~._2..l...X...........$..484..K.J.^?H.:X!..g.....I.]....R..E..M.C_..z....Q...g...y.....|..F]X.]%.eXZ.d.96.SSj..N..b........./.>}.r,..k.[+..g_....mg.%e+..rv.....A-`...."X.!.,,,...e..P.'......m{.........ri}..O....+....%........3.,x..>.......>@.........!.'.r..W. |.......<.BJ.....N....b.......fD [..6.}P..CV.9ka_.s..W.'.X.#..$2e.#x...d.9\._L\BRJZFVN^AQIYEUM]CSK[GWO.....................k..,[.j....l.k.....;qj.....\.q.....<{.....Q.........F..BD.1D."...HCd . .!. .!. .!J...2D9..Q..BT#j...:D=...hB4#Z...6D;....Bt#z...>D?"..@.".....(b.1..@L".....,b.1.X@,"....+...k.......[...;...{.......G...'...g.......W...7...w.....

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 279

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MS Windows icon resource - 4 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 16x16, 32 bits/pixel
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):21142
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.720363217360017
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:z/tKZVrFfgcFi1eq3rrwyRKDtVjFe8XyLIfYwHdJc3EKlVnD:TEzrF/i8qXfRKyLNWuD
                                                                                                                                                                                                                                                                                                                                  MD5:12649F4E0C5A37D4A41CBCA768C8E7E0
                                                                                                                                                                                                                                                                                                                                  SHA1:1257DD7949F4AA81C8F791DCEEEDD66E486DC3A0
                                                                                                                                                                                                                                                                                                                                  SHA-256:7B990B226FB3E8970B750DEC91D4E8B9B59B2B7B069D0243D7BF70FEBE8EDE53
                                                                                                                                                                                                                                                                                                                                  SHA-512:A0F96E89664C938ED38B33A127EF56B882F2EF3A60A4E01324602905B054C50A0AB87A725A21E61C3C60B5225E8825CBEAB8C5664C2E59BE168071F1CE1EEED4
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:............ .....F......... .h....... .... .....F...00.... ..%...,...PNG........IHDR.............\r.f..._IDATx..y...O.T..hiji...Q./.T3h;.Z...b..R..A..DEi.5.".BMG..*$HgF3.1C3.iU...zr..'o..y..>...~>..x..>I.....6d.yB.)..x.@....|.~O.i...<K..R...j.....U.R]....4..+W..T.. ...B....o...}U...S..i....y...v.....f6P..F....".@..'......#=|?B..N...H.0..CTg...W.q..`.1.)}~......a....7.... .S..C.^..%.@..>......b...V5Su...>...C.t...x.Tok.G.>.:QuI..%.@..&...M....WMR.....;.A..!@Z.......{.....n.".......H....W.V..lK'.T.F,,..TB0......V..3....X..a..}.!.@o./.V..R......!*.....l.Y.t....wU..6v.......j.X.C".!@\.+v.^......9.8.....:.8.I.[oMoC..:.......C*....n.....r}.......U+;.B.......[..x........g.....s..\.j..A..].....N#r..=6...s.....*..j<Ul2.i.:..A.{...........U.:.R...............#T?.'6.4..0...z.[..D.H3...n.P..#.....n..b.z|..g.....D.R..t.a@Z...n.1.....T_.....!@. .w.pLV.`:.i..TG..A.7...6. ...=V.K.NS.......{U.,.@cCg[Jf...b..0g[..!@...z..d.[/u.....e..mI.:...;.D..

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 280

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (49273)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):49276
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.46054574462855
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:TCoEqoinIC7q2gh0CKUxEGWUwcvXWP6Ta8vHKPPSvCC1anVD//B/ZX8RNIB8HxKg:TPJi0LUxEpyv0StEZ/Bd8RNIsxZ
                                                                                                                                                                                                                                                                                                                                  MD5:FB2E085CDC32D0BC97C24A8A82C12946
                                                                                                                                                                                                                                                                                                                                  SHA1:194A95809592E6984151A465946EF7EDB7A47959
                                                                                                                                                                                                                                                                                                                                  SHA-256:6CC4C722A50B4152194B13E7E3C8A1A5A5F23B17988F8FA85404394EFC5C0984
                                                                                                                                                                                                                                                                                                                                  SHA-512:D9399F04E6965CC59C6A730F85E10DAF949A0BDA30DDE85710A27380650F8194362CA51E28C8D751B3B4F23C451715B14F2A3A1AB9F872DE8B3202F8F1698B0A
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://snap.licdn.com/li.lms-analytics/insight.min.js
                                                                                                                                                                                                                                                                                                                                  Preview:!function(){"use strict";function t(t,n,e){return n in t?Object.defineProperty(t,n,{value:e,enumerable:!0,configurable:!0,writable:!0}):t[n]=e,t}var n,e,r,o,i={ADVERTISING:"ADVERTISING",ANALYTICS_AND_RESEARCH:"ANALYTICS_AND_RESEARCH",FUNCTIONAL:"FUNCTIONAL"},a="GUEST",u="MEMBER",c=0,l=1,s=2,f=(t(n={},a,"li_gc"),t(n,u,"li_mc"),n),d=function ar(){var t=arguments.length>0&&arguments[0]!==undefined?arguments[0]:null,n=arguments.length>1&&arguments[1]!==undefined?arguments[1]:null,e=arguments.length>2&&arguments[2]!==undefined?arguments[2]:null,r=arguments.length>3&&arguments[3]!==undefined?arguments[3]:null;for(var o in function(t,n){if(!(t instanceof n))throw new TypeError("Cannot call a class as a function")}(this,ar),t=t||{},this.consentAvailable=!1,this.issuedAt=n,this.userMode=e,this.optedInConsentMap={},i)t[o]=t[o]||c,t[o]!==c&&(this.consentAvailable=!0),this.optedInConsentMap[o]=t[o]===l||t[o]===c&&r===l},v=(e=[i.ADVERTISING,i.ANALYTICS_AND_RESEARCH,i.FUNCTIONAL],r=[c,l,s,c],o=new R

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 281

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):241
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.815595802294702
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6:YMpLMajpHrHaaNmXxgU04nKUM8SpuiOoBmIhM2pFhhGzT:YSMwpHrHaaNmz04FQoiOoBmP2pFL+
                                                                                                                                                                                                                                                                                                                                  MD5:93EDAC014DAFA52AB3DF4BC411DCDCB8
                                                                                                                                                                                                                                                                                                                                  SHA1:6965320F45B13CEAD10B305B978B49248ED890A1
                                                                                                                                                                                                                                                                                                                                  SHA-256:63B4D2A473F6ED74E3F22E5181554C63886FC829B5A304B52FF4A60DA5CE847E
                                                                                                                                                                                                                                                                                                                                  SHA-512:295987044487FF5C29084CC2016219B86B46C4F8B3D5F1C6D507E14A5EFFB9D8FB1DB8102360BEDB6AF737B4EF70A078781D890D56636CE4D0CBE090DE26926C
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://geo.qualaroo.com/json/
                                                                                                                                                                                                                                                                                                                                  Preview:{"ip":"154.16.105.36","country_code":"US","country_name":"United States","region_code":"AZ","region_name":"Arizona","city":"Phoenix","zip_code":"85004","time_zone":"America/Phoenix","latitude":33.4499,"longitude":-112.0712,"metro_code":753}.

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 282

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (65447)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):87533
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.262536918435756
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr
                                                                                                                                                                                                                                                                                                                                  MD5:2C872DBE60F4BA70FB85356113D8B35E
                                                                                                                                                                                                                                                                                                                                  SHA1:EE48592D1FFF952FCF06CE0B666ED4785493AFDC
                                                                                                                                                                                                                                                                                                                                  SHA-256:FC9A93DD241F6B045CBFF0481CF4E1901BECD0E12FB45166A8F17F95823F0B1A
                                                                                                                                                                                                                                                                                                                                  SHA-512:BF6089ED4698CB8270A8B0C8AD9508FF886A7A842278E98064D5C1790CA3A36D5D69D9F047EF196882554FC104DA2C88EB5395F1EE8CF0F3F6FF8869408350FE
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
                                                                                                                                                                                                                                                                                                                                  Preview:/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 283

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):78
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.224031547526729
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:LUfQ2pHWiR8HnH7OE9HstmyRHfHyI:x2pHDYiElkjyI
                                                                                                                                                                                                                                                                                                                                  MD5:E9183FBF1E46F0916C4A41675F38C75F
                                                                                                                                                                                                                                                                                                                                  SHA1:C10CCC2A61CC4CD6B836540D4BFC77A66488101A
                                                                                                                                                                                                                                                                                                                                  SHA-256:4A8FD6F166E1EF01A1588BB636279FE5DD135FEE5DE06C045D64AE36D726679C
                                                                                                                                                                                                                                                                                                                                  SHA-512:FF1165D76CF1624F64E443E319E4061C287B370D6A59F965FA34386610D1A0A548210C56D48BE2FEC3C42F50D4C9478930C7F64E6BD218D27B624E955ABC2912
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:jsonFeed({"country":"US","state":"NV","stateName":"Nevada","continent":"NA"});

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 284

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):3300
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.041409827065832
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:96:Fra4M0rAzNrSny1aRzqJRC424+/AD/APe7:Fs0kzNrSyARIRCHU7
                                                                                                                                                                                                                                                                                                                                  MD5:76CA1CA8B2D96CF16DA3E2140D5DFB56
                                                                                                                                                                                                                                                                                                                                  SHA1:03C052A880926A8411E76A18AA63E91C7CF5A16F
                                                                                                                                                                                                                                                                                                                                  SHA-256:02DA51970F2808353C5D402B60067ECBCA43E3F84DBF782C1AD1A2781320E56F
                                                                                                                                                                                                                                                                                                                                  SHA-512:6AB8C4F5EE9ECDE494CF61C895F30502E61DED69168847606FC86C1B60D16610E9E63F056448A6D1C2AD2B459D406FEF983106E28B010CC27CC30A823FC95C94
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.telerik.com/WebResource.axd?d=DzHrpQl5URXarFHAtrmzFsPwWIExaUeLHf3gTuslFxiRsjc9gU89IWbLw9lFnSTXl5qZVz-0iBHHB3aQBiGWPYzKfk3ndhT8iH1RSf_M6Sk7X3EWbQzPMVpb-rxAUHFQlncyLjOo3RP6E9HfRXn18roSCYCGCRaVqv9jyNWgJTH95Urh0&t=638477158040000000
                                                                                                                                                                                                                                                                                                                                  Preview:TrackingConsentManager=(function(){var consentCookieName="sf-tracking-consent";.var consentDialogHtml="";.var consentDialog=null;.var eventListeners={AfterDialogDisplayed:[],BeforeDialogClosed:[],ConsentChanged:[],};.function closeConsentDialog(){if(consentDialog==null){return;.}invokeEventListeners("BeforeDialogClosed",[consentDialog]);.document.body.removeChild(consentDialog);.consentDialog=null;.}function openConsentDialog(){if(!document.body){return;.}closeConsentDialog();.consentDialog=document.createElement("div");.var dialogHtml=document.getElementById("sf-tracking-consent-manager");.if(dialogHtml){consentDialogHtml=dialogHtml.textContent;.consentDialog.innerHTML=consentDialogHtml;.document.body.insertBefore(consentDialog,document.body.childNodes[0]);.}var scripts=consentDialog.getElementsByTagName("script");.for(var idx=0;.idx<scripts.length;.idx++){try{eval(scripts[idx].textContent);.}catch(err){console.error(err);.}}invokeEventListeners("AfterDialogDisplayed",[consentDialog])

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 285

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:HTML document, ASCII text, with very long lines (4596), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):4596
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.721760437880569
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:96:YyRkckyidgPVfbnZzmP2aZzltMIZz+aKDZzbqYyjg6P9fbnZZP2aZ6tMIZXaKDZ/:yhyidgPNbZyP2ehtMAaaK1vqYyjgy1bu
                                                                                                                                                                                                                                                                                                                                  MD5:5532CFCDE1D38AEF31D31B1B932720E2
                                                                                                                                                                                                                                                                                                                                  SHA1:05F03109B10D82B5107FE1AA7FF4F7118AA6378E
                                                                                                                                                                                                                                                                                                                                  SHA-256:661ABA4A5A2F59514F16D662AF5FA50F8F671F2E15EF68CB424F1DA4AD09C405
                                                                                                                                                                                                                                                                                                                                  SHA-512:79FBDFEAEBFC3C47FDB519BA8A5A7D1EED8BD390B21BCAF2FD47E35A135F302C3F3F187AD8F0AE2F51A367C0F8174CE5A1C12818C520E53CD77409CACCA7115E
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://td.doubleclick.net/td/rul/975652292?random=1713914999207&cv=11&fst=1713914999207&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
                                                                                                                                                                                                                                                                                                                                  Preview:<html><head><meta http-equiv="origin-trial" content="Avh5Ny0XEFCyQ7+oNieXskUrqY8edUzL5/XrwKlGjARQHW4TFRK+jVd5HnDIpY20n5OLHfgU4ku7x48N3uhG/A0AAABxeyJvcmlnaW4iOiJodHRwczovL2RvdWJsZWNsaWNrLm5ldDo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhwaXJ5IjoxNjk1MTY3OTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0="></head><body><script>var ig_list={"interestGroups":[{"action":0,"expirationTimeInSeconds":2592000,"interestGroupAttributes":{"owner":"https://td.doubleclick.net","name":"1j597463345","biddingLogicUrl":"https://td.doubleclick.net/td/bjs","dailyUpdateUrl":"https://td.doubleclick.net/td/update?ig_name=1j597463345\u0026tag_eid=44805652","trustedBiddingSignalsUrl":"https://td.doubleclick.net/td/bts","trustedBiddingSignalsKeys":["1s613byw!2sZk_ReQ!3sAAptDV7iNOqK"],"userBiddingSignals":[["452806886"],null,1713915001237604],"ads":[{"renderUrl":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=158724440806\u0026cr_id=695025288683\u0026cv_id=0\u0026format=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DA

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 286

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):35
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.036006945330954
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:YGKad20bAn:YGK+o
                                                                                                                                                                                                                                                                                                                                  MD5:7D18C0226B08F68EC83126F32344634B
                                                                                                                                                                                                                                                                                                                                  SHA1:F7B593CCD626C52A16C8DEAA638F77D722A9BB85
                                                                                                                                                                                                                                                                                                                                  SHA-256:4AF2CD82560041DB5DCCDDC690E3019B57703A96345DC27C796B3AF9BCBED2A2
                                                                                                                                                                                                                                                                                                                                  SHA-512:72C2672467426052694DD2C7FA3F28111BDC16AD14EB3D0BA4EDBAF7E96C0293B1103ACD86D1ED4B4D6492750893D34BC837564EAF5795772223B50548CE5010
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.telerik.com/webapi/Announcements/GetPromo?url=https://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  Preview:{"content":{"promoViewModel":null}}

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 287

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (10922)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):346066
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.600734502109564
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:HvQxbhzgNSNow8VNzEV1d8L71+TYc20DCSY1KGAlDH+b1s6rgD4tL+aVsQCZqdmI:oFhewMNzEWqIwD4tLfV9CZq0N8Sf9W
                                                                                                                                                                                                                                                                                                                                  MD5:5C40ECBEF7CFD23E41E6669A213719BD
                                                                                                                                                                                                                                                                                                                                  SHA1:97F349C9C13D844023C2F7BB85886A7858A1C4B2
                                                                                                                                                                                                                                                                                                                                  SHA-256:50B6F41348CAE41A5CB1AEEC3359A30BDB569D2B9464DB2E18D2BCC18CBD41AD
                                                                                                                                                                                                                                                                                                                                  SHA-512:6262912C4F8C0829734AE2C07BBC00F1F49C90CD4439FC8E6FBD4F8598AC2432D3D4056362B47A26E13A72158BBA43A86968DF11CEA71C3D03B7239BBBDE2735
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.googletagmanager.com/gtag/js?id=G-9JSNBCSF54&l=dataLayer&cx=c
                                                                                                                                                                                                                                                                                                                                  Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"15",. . "macros":[{"function":"__e"},{"vtp_signal":1,"function":"__c","vtp_value":1},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0},{"function":"__c","vtp_value":false},{"function":"__c","vtp_value":false},{"function":"__c","vtp_value":false},{"function":"__c","vtp_value":false},{"function":"__c","vtp_value":false},{"function":"__c","vtp_value":false},{"function":"__c","vtp_value":false},{"function":"__c","vtp_value":false},{"function":"__c","vtp_value":false},{"function":"__c","vtp_value":false},{"vtp_signal":1,"function":"__c","vtp_value":1},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_cross_domain","priority":22,"vtp_rules":["list","^(?!downloads\\.cdn)[^.]*\\.?telerik\\.com$","whatsupgold\\.com","^chef\\.io$|^www.chef\\.io$","^kemp\\.ax$|^kemptechnologies\\.com$|^freeloadbalancer\\.com$|^exchangeloadba

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 288

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (988), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):988
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.117476581249033
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:6UMQEIMQYCdNLTkNTTiFBosOUurwaN7M8oVaXCOOCKX6DRNLnQBpNfTEcvrh4dHT:nvREiFBofUc1wc14X6DRdnWpdhkG13PK
                                                                                                                                                                                                                                                                                                                                  MD5:4878F2853544956FF4A86BC896C922FD
                                                                                                                                                                                                                                                                                                                                  SHA1:EA8D5FE09371B8696A26BA1421E3B4EB3AA28EE1
                                                                                                                                                                                                                                                                                                                                  SHA-256:01E1F1E3AD442967914D5FD98BFFA91C04C714EE6506DAA51BD3A18081C7C81C
                                                                                                                                                                                                                                                                                                                                  SHA-512:A5C7D0A0144C78BD0A5086FDBC59111003A553C1BF0942F466A6EACDE4D76FCFA4333683E40E9C85900999AEB7DF66C84856E9A5F98637CC19F8F9FD5E2A6F7F
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://d585tldpucybw.cloudfront.net/Frontend-Assembly/Web.SitefinityExtensions.EloquaConnector/Scripts/SetBrowserSessionStorage.min.js?package=PureMvc&v=ZGx1bUU2RnZ6Tmd0d21DTm10M2ZHUT09)
                                                                                                                                                                                                                                                                                                                                  Preview:window.invokeTrackingScript(this,OptanonGroups.PerformanceCookies,function(){var i="adWordsData",n="expTracking";function e(){dataLayer.push(arguments)}window.browserSessionStorage.read(n);function o(t,i){var r=window.browserSessionStorage.read(n);r=r?r:{};r[i]=t;window.browserSessionStorage.write(n,r);const u=document.createEvent("Event");u.initEvent("onOptimizeCallbackTriggered",!0,!0);window.dispatchEvent(u)}e("event","optimize.callback",{callback:o});function r(n,t){for(var u=null,e=t.split("&"),f=0;f<e.length;f++){var i=e[f].split("=");if(i[0]===n)return i[1];i[0]==="ReturnUrl"&&(u=i[1])}if(u){var s=unescape(u),o=s.split("?");if(o.length>1)return r(n,o[1])}}if(!window.browserSessionStorage.read(i)){var t={},u=!1,f=window.location.search.substring(1);f&&["ad_group","ad_type","utm_term","utm_content","ad_size","ad_placement","gclid","ad_copy"].forEach(function(n){var i=r(n,f);i&&(t[n]=i,u=!0)});u&&(t.lp_url=window.location.href,window.browserSessionStorage.write(i,t))}})

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 289

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):278052
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.237168831261362
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:5PLMv2/wXIYQZir0y2X8JfhmagqhrV4ecCArMM1IvGoVodNV9N9+xyYDq1AxLUAs:5PR/k0ypLodNV9N9GTUA62F752o8ftl
                                                                                                                                                                                                                                                                                                                                  MD5:78C20C71DEEBA04D16C241DD591CD11C
                                                                                                                                                                                                                                                                                                                                  SHA1:B6CE06A57A51347C21D7AF30873BAA8620408FD6
                                                                                                                                                                                                                                                                                                                                  SHA-256:D62C2BD2368811A88889ED0EF4D2C906B2374E3E9959AF68EEFA3A2BC5C32616
                                                                                                                                                                                                                                                                                                                                  SHA-512:2ADD43DB9C07CACA9B548C43418B6ED6F9FFE9FF8B1DAE3F31E67960B6B67A7603024DC70A2E277A475B9EB8A67B4280DF11612EEBB1A2B3EDC4CC3C634187B1
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://dtzbdy9anri2p.cloudfront.net/cache/b6ce06a57a51347c21d7af30873baa8620408fd6/telerik/css/style.css
                                                                                                                                                                                                                                                                                                                                  Preview:@charset "UTF-8";.BlockLinks--buttons a,.Btn,.PageWrapper,.PanelChoice label,.RadEditor iframe,.SearchResults *,.Section-banner,.Section-cover,.Slider-slide,.TK-Tag-Input-Button,.TimeLine :after,.TimeLine :before,.col-1,.col-10,.col-11,.col-12,.col-2,.col-3,.col-4,.col-5,.col-6,.col-7,.col-8,.col-9,.col-common,.col-five,.container,.field,.sfFormSubmit.sfSubmitBtnSmall>input,.sfforumSubscribeBtn,.sfforumUnsubscribeBtn,.sfreContentArea,input,input[type=checkbox],input[type=radio],select,textarea,tk-site-search *{-webkit-box-sizing:border-box;box-sizing:border-box}.Features-Slider-Header,.List--horizontal,.List-item,.Nav,.NavAlt,.QuickLinks,.QuickLinks .sftaxonHorizontalList,.Section-controlHeadingMenu,.container,.row,.u-cf,dl{*zoom:1}.Features-Slider-Header:after,.List--horizontal:after,.List-item:after,.Nav:after,.NavAlt:after,.QuickLinks .sftaxonHorizontalList:after,.QuickLinks:after,.Section-controlHeadingMenu:after,.container:after,.row:after,.u-cf:after,dl:after{clear:both;content:"

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 290

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (2932), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):2932
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.928070808250198
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:48:Ego2Y+iKasKEIzUtJQSIZyaQqe3q7SWWdCC6jykt083AEe9rGAyfn/9yyuS77gK6:wsbSUtJfxrqLWWWdV6j1jAEe8A6MS78r
                                                                                                                                                                                                                                                                                                                                  MD5:EE66A7E158C4CB02B531CF44F2D67E53
                                                                                                                                                                                                                                                                                                                                  SHA1:037C81DBCA9B3E8D057F6772F3DC935C2358093F
                                                                                                                                                                                                                                                                                                                                  SHA-256:C7ADE3A87487F20CBD88FDFEC26CBB79AD42606A2C4AD61C4C1377760EEC7347
                                                                                                                                                                                                                                                                                                                                  SHA-512:EDCF895FD3BB3B16AF574DD77ECE5C46265027892604446AB487B7C4F4AFD01366953FEE777426B180FE3BB60FCFB1EDB3CF1B3649921760002D0CBFFE773DD9
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.googleadservices.com/pagead/conversion/975652292/?random=1713914999207&cv=11&fst=1713914999207&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&rfmt=3&fmt=4
                                                                                                                                                                                                                                                                                                                                  Preview:(function(){var s = {};(function(){var e={};/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ var f=this||self;var g,k;a:{for(var l=["CLOSURE_FLAGS"],p=f,q=0;q<l.length;q++)if(p=p[l[q]],null==p){k=null;break a}k=p}var r=k&&k[610401301];g=null!=r?r:!1;var t,v=f.navigator;t=v?v.userAgentData||null:null;function w(d){return g?t?t.brands.some(function(a){return(a=a.brand)&&-1!=a.indexOf(d)}):!1:!1}function x(d){var a;a:{if(a=f.navigator)if(a=a.userAgent)break a;a=""}return-1!=a.indexOf(d)};function y(){return g?!!t&&0<t.brands.length:!1}function z(){return y()?w("Chromium"):(x("Chrome")||x("CriOS"))&&!(y()?0:x("Edge"))||x("Silk")};!x("Android")||z();z();!x("Safari")||z()||(y()?0:x("Coast"))||(y()?0:x("Opera"))||(y()?0:x("Edge"))||(y()?w("Microsoft Edge"):x("Edg/"))||y()&&w("Opera");var A=/#|$/;function B(d){var a=d.search(A),b;a:{for(b=0;0<=(b=d.indexOf("fmt",b))&&b<a;){var c=d.charCodeAt(b-1);if(38==c||63==c)if(c=d.charCodeAt(b+3),!c||61==c||38==c||35==c)br

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 291

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:GIF image data, version 89a, 1 x 1
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):43
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):2.7374910194847146
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:CU9yltxlHh/:m/
                                                                                                                                                                                                                                                                                                                                  MD5:DF3E567D6F16D040326C7A0EA29A4F41
                                                                                                                                                                                                                                                                                                                                  SHA1:EA7DF583983133B62712B5E73BFFBCD45CC53736
                                                                                                                                                                                                                                                                                                                                  SHA-256:548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
                                                                                                                                                                                                                                                                                                                                  SHA-512:B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:GIF89a.............!.......,...........D..;

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 292

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:HTML document, ASCII text, with very long lines (1141), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):13917
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.591879226720576
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:MuLIIgE0uE0x/E0AE06E0wE0bKSf6XBxeYOQM10:MuLIXm5/oC42BrtMO
                                                                                                                                                                                                                                                                                                                                  MD5:8A490F46B0CC829B36D6C12C2109B618
                                                                                                                                                                                                                                                                                                                                  SHA1:8E70663A3D856A6A4CDD83A614043E0F7D911994
                                                                                                                                                                                                                                                                                                                                  SHA-256:9D72DC375E6E2F085A835B43797C16A3EC0E8136F5DCD70C1A8FA350F0F17F8D
                                                                                                                                                                                                                                                                                                                                  SHA-512:083FCA64CF262BA5377CE58B6CF520C59F73406ED522452D1EA884E7B7CE646F498E543A7641C1A933D58EF9DBC0AA62EDE91EFC3A283E5128E1039975C75F1A
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:<!doctype html>..<html lang="en-us">..<head>..<title>ControlDataMessage Snapshot of 4/23/2024 11:30:02 PM</title>..<meta http-equiv="Content-Type" content="text/html; charset=utf-8">..<style type="text/css">..BODY, H1, H2, H3, H4, H5, H6, DL, DT, DD {.. margin: 0;.. padding: 0;.. color: #444;.. font: 13px/15px Arial, Verdana, Helvetica;..}..H1 {.. text-align: center;.. font: 24px Helvetica, Verdana, Arial;.. padding: 20px 0 10px 0;.. background: #FBFBFB;.. border-bottom: solid 1px #fff;..}..#lnks {.. border-top: solid 1px #dfdfdf;.. border-bottom: solid 1px #dfdfdf;.. margin: 0 0 10px 0;.. padding: 5px;.. background: #f1f1f1;.. line-height: 20px;.. text-align: center;..}..#lnks B {.. padding: 0 3px;..}..#body {.. padding: 20px;..}..H1 B {.. font-weight: normal;.. color: #069;..}..H1 A {.. color: #0E8F13;.. text-decoration: underline;..}..H1 I {.. font-style: normal;.. color: #0E8F13;..}..A {.. color: #337ab7;.. text-decoration: none;..}..A:hover {.. text-deco

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 293

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (62292), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):62389
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.353636010965601
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:xojOeB7foxMGtJm4UUvBkU4/4uu34xMR/UuSJwfGm0ZlBCmQdrCylwVc:Cjd1foxMGZtCMRsuSJvswVc
                                                                                                                                                                                                                                                                                                                                  MD5:30B9882CF93F4A9B2FFA96AB351271D8
                                                                                                                                                                                                                                                                                                                                  SHA1:970340E440846513D7BA29BAF27795A042C96AA8
                                                                                                                                                                                                                                                                                                                                  SHA-256:D6F3A8301FFA9A9AA6A748CCC535A559242CD73451BB4D236B7E72FF64123703
                                                                                                                                                                                                                                                                                                                                  SHA-512:D6B4041CD68701C94C876259A947831C677902789AC1C4D13B71CD3F47C8FF96B02240681D372D10A74D102E32DC7837F0C633F0A4B28A560CF5F3C11BF8EECF
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.clarity.ms/s/0.7.31/clarity.js
                                                                                                                                                                                                                                                                                                                                  Preview:/* clarity-js v0.7.31: https://github.com/microsoft/clarity (License: MIT) */..!function(){"use strict";var t=Object.freeze({__proto__:null,get queue(){return Ua},get start(){return qa},get stop(){return Fa},get track(){return Ha}}),e=Object.freeze({__proto__:null,get clone(){return fr},get compute(){return hr},get data(){return rr},get keys(){return ir},get reset(){return pr},get start(){return lr},get stop(){return gr},get trigger(){return dr},get update(){return vr}}),n=Object.freeze({__proto__:null,get check(){return Er},get compute(){return Nr},get data(){return ar},get start(){return kr},get stop(){return Tr},get trigger(){return Or}}),a=Object.freeze({__proto__:null,get compute(){return Cr},get data(){return Sr},get log(){return Ir},get reset(){return Dr},get start(){return Mr},get stop(){return _r},get updates(){return xr}}),r=Object.freeze({__proto__:null,get callbacks(){return jr},get clear(){return Yr},get consent(){return Xr},get data(){return Ar},get electron(){return Rr},

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 294

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):2588
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.896800194253122
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:48:z7FMMvnQwgeHOHCvG8ksYB6kQ+oORe+Orj4pdOzukUdZ6F1IcUC+SxoYXv:dRPQwgeuDfl6kBoO8+e4pdOzAudYSCM
                                                                                                                                                                                                                                                                                                                                  MD5:43D1CF4ABA38E6A2E4917698EB629712
                                                                                                                                                                                                                                                                                                                                  SHA1:DC3014AAD2A95FD450E3F86765A6349434147860
                                                                                                                                                                                                                                                                                                                                  SHA-256:3DCDE7CAF6DE5F14BAC67A471AECAEB492D1DCE03A3E6A6DB8A234B97C4CFBE2
                                                                                                                                                                                                                                                                                                                                  SHA-512:7A6E0BAF22876CBDBCD61A0202F41A2728BEFC3CEA55936EA6BA24B572AD92978BE630AC0831D578149B816B318A29C64FCF00B3713FEDAA75D30980A8893855
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:.PNG........IHDR...A...A........E....pHYs...#...#.x.?v....tEXtSoftware.Adobe ImageReadyq.e<....IDATx....Uc...d5.$....(..cZ..*.".Vy,....X.<2.G..2.G.h*F*f..R....h..L..\..~_.=.s.9.17kZ...s.........;ed...1c..z...&...%.2A. .g..(7.zM2...d..1.E.*&./.h..fG.x....PP...|.H.t.d.Z.....y/..SO.SK.=M.;......V9.l.z..]..."G...q..p.`.......UMQ.F[F.....%..o&. .c ..#.j.S.Y.....8.q..:..V+1U.O.4q...c1...N..*...A..;.k.Ga.0......)......(U./.t.Z.z.D+.e.....F..s.,.<.Q.......O.P.T........._...u.....S.,....~Nph..1<i....,...1n.^.bE..].............o#....M....\*.....B... ...\e,;..l3...S....`.......!.P..>...Ak.M,T.Y..NPn.U=......c..8.(.}~W6.....^...a...0T.hN.).....Y..%...~T.Y9.........1d6....D./........,w.]..O:4g..$G.SU....*.H..>L...(...g....~Ta'.X/R.m...3..m]t_?..pxD..`......f.Ao....[.P...F...].S..n....4m.O.@1.}O.`5c{...a[<&xXp......v..{D.6...6..J.H...E.g...^d.+Yuc.:......L.......-'h.\v.......-.....[.l......).~~..cSum..4z......,.p>....l......;...<...........4.......

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 295

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:HTML document, ASCII text, with very long lines (4634), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):4634
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.724073181103764
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:96:YyRkckyjg6PINbnZZP2aZ6tMIZXaKDZYqYyidgPfNbnZzmP2aZzltMIZz+aKDZz2:yhyjgyQbZZP2e6tMAXaK1YqYyidgPlba
                                                                                                                                                                                                                                                                                                                                  MD5:0F6513015DC765F3BEF96B1B27832210
                                                                                                                                                                                                                                                                                                                                  SHA1:D41C4D0F8A9354CE2EB911F6E92A4E256150BF17
                                                                                                                                                                                                                                                                                                                                  SHA-256:C0DA228743DAFD9D396FB80A4CBEF1B494F4FD5EBE8D06AEAF84C9AA4104DDE1
                                                                                                                                                                                                                                                                                                                                  SHA-512:E21B2FC09511938B1DB75D300D29F536B4B3688498B45A4F4D2C155E110E925E9D891EE1151258250D81DCDD61DD6920F91E9090739B18ABA46AFB1F11B186C1
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://td.doubleclick.net/td/rul/975652292?random=1713914991222&cv=11&fst=1713914991222&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
                                                                                                                                                                                                                                                                                                                                  Preview:<html><head><meta http-equiv="origin-trial" content="Avh5Ny0XEFCyQ7+oNieXskUrqY8edUzL5/XrwKlGjARQHW4TFRK+jVd5HnDIpY20n5OLHfgU4ku7x48N3uhG/A0AAABxeyJvcmlnaW4iOiJodHRwczovL2RvdWJsZWNsaWNrLm5ldDo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhwaXJ5IjoxNjk1MTY3OTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0="></head><body><script>var ig_list={"interestGroups":[{"action":0,"expirationTimeInSeconds":2592000,"interestGroupAttributes":{"owner":"https://td.doubleclick.net","name":"1j452806886","biddingLogicUrl":"https://td.doubleclick.net/td/bjs","dailyUpdateUrl":"https://td.doubleclick.net/td/update?ig_name=1j452806886\u0026tag_eid=44805652","trustedBiddingSignalsUrl":"https://td.doubleclick.net/td/bts","trustedBiddingSignalsKeys":["1sXUo8ZA!2sZk_RdQ!3sAAptDV5AOEra"],"userBiddingSignals":[["597463345"],null,1713914997429143,1713914994641784,2],"ads":[{"renderUrl":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=158724440806\u0026cr_id=695025288683\u0026cv_id=0\u0026format=${AD_WIDTH}x${AD_HEIGHT}\u

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 296

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (64347)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):223683
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.454805360153245
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:tt8WClBZIncVuP0bteuvQ+AMPpgArl0xYu5GKnPt:ttlWBZ7O0bvQQGArHu5GKn1
                                                                                                                                                                                                                                                                                                                                  MD5:85F41014BE15CC3E54A4123C00C5021E
                                                                                                                                                                                                                                                                                                                                  SHA1:1E5468F507A8B0216114A8D8F63309BE8CBCAB9F
                                                                                                                                                                                                                                                                                                                                  SHA-256:01E9582655224C83E6C075F44B7EECB135E108B6AD2150BF6F78A0A77C4AD5E0
                                                                                                                                                                                                                                                                                                                                  SHA-512:78F6D6CD922AA42FD340CF215D7D91DDFABEF5EC393DFA5EB578436B9B668F839747218A4DE980AEC2395194667B1E0215623EC902EAAF8CE592536172414FCD
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://connect.facebook.net/en_US/fbevents.js
                                                                                                                                                                                                                                                                                                                                  Preview:/**.* Copyright (c) 2017-present, Facebook, Inc. All rights reserved..*.* You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook..*.* As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software..*.* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 297

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):145222
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.2670517262784315
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:2qDBtbotYFCFFhwaBCs5wEuIVoz8mAyfPYiHF:2qDBdot1rhTCsaSVCAiHF
                                                                                                                                                                                                                                                                                                                                  MD5:E112B8BF96F23BC2970347A3C98E37FC
                                                                                                                                                                                                                                                                                                                                  SHA1:CE2408E32AEA3F8323ECEE9B7E4338A943667950
                                                                                                                                                                                                                                                                                                                                  SHA-256:889794FD02992011C4B843A05190531656D4C6148E6D4375BE6BAB3432B580D0
                                                                                                                                                                                                                                                                                                                                  SHA-512:AA43C0276A8E03B9C45479D7B7D286EA4648C355977D9742F14E8CCB22CF301ED7890330B39DAFB2D9EC26B6B233F4BCEFC6D231430F3CBA924DEDD13431CEF4
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.clickcease.com/monitor/stat.js
                                                                                                                                                                                                                                                                                                                                  Preview:!function(){"use strict";function k(){k=function(){return a};var c,a={},e=Object.prototype,l=e.hasOwnProperty,u=Object.defineProperty||function(e,t,n){e[t]=n.value},t="function"==typeof Symbol?Symbol:{},r=t.iterator||"@@iterator",n=t.asyncIterator||"@@asyncIterator",o=t.toStringTag||"@@toStringTag";function i(e,t,n){return Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}),e[t]}try{i({},"")}catch(c){i=function(e,t,n){return e[t]=n}}function s(e,t,n,r){var o,i,a,s,t=t&&t.prototype instanceof y?t:y,t=Object.create(t.prototype),r=new C(r||[]);return u(t,"_invoke",{value:(o=e,i=n,a=r,s=f,function(e,t){if(s===h)throw new Error("Generator is already running");if(s===m){if("throw"===e)throw t;return{value:c,done:!0}}for(a.method=e,a.arg=t;;){var n=a.delegate;if(n){n=function e(t,n){var r=n.method,o=t.iterator[r];if(o===c)return n.delegate=null,"throw"===r&&t.iterator.return&&(n.method="return",n.arg=c,e(t,n),"throw"===n.method)||"return"!==r&&(n.method="throw",n.ar

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 298

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:HTML document, ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):13
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):2.7773627950641693
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:qVZPV:qzd
                                                                                                                                                                                                                                                                                                                                  MD5:C83301425B2AD1D496473A5FF3D9ECCA
                                                                                                                                                                                                                                                                                                                                  SHA1:941EFB7368E46B27B937D34B07FC4D41DA01B002
                                                                                                                                                                                                                                                                                                                                  SHA-256:B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
                                                                                                                                                                                                                                                                                                                                  SHA-512:83BAFE4C888008AFDD1B72C028C7F50DEE651CA9E7D8E1B332E0BF3AA1315884155A1458A304F6E5C5627E714BF5A855A8B8D7DB3F4EB2BB2789FE2F8F6A1D83
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://td.doubleclick.net/td/ga/rul?tid=G-9JSNBCSF54&gacid=925834404.1713914987&gtm=45je44m0v9167661709z8536291za200&dma=0&gcs=G111&gcd=13v3v3v3v5&npa=0&pscdl=noapi&aip=1&fledge=1&z=1283479480
                                                                                                                                                                                                                                                                                                                                  Preview:<html></html>

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 299

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:HTML document, ASCII text
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):235
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.101641299344094
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6:hxuJzhqIzyYk+qRU4zEdxXZiqd6AAldgWJpEH6RyB5Lis8K34QL:hYXc4xXgqSGWJpu6RQ8sbIQL
                                                                                                                                                                                                                                                                                                                                  MD5:B112D8E1D41CE53E89D42E6B6FAEFD57
                                                                                                                                                                                                                                                                                                                                  SHA1:73D71526C722F7348597B8BB028BDAFD408C4236
                                                                                                                                                                                                                                                                                                                                  SHA-256:2AD5E0E760760530A731FB54BB2A7D34B637865F4E82DB7FAE2976A5374D3C3E
                                                                                                                                                                                                                                                                                                                                  SHA-512:CF22177AD8B824EF58C457656D356DCB4942592AF28AA976196871D39941D0E2323FA78A2018A11DB8F0167804B6C2B71978B439CFDAE998B7A0BB1AE927A03C
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:<!DOCTYPE html>.<html lang="en">.<head>.<meta charset="utf-8">.<title>Error</title>.</head>.<body>.<pre>Cannot GET /collect/v2/data-centers/76766c2b-82f4-2453-81e5-fd840f3b455b/datasources/TelerikCom/interactions</pre>.</body>.</html>.

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 300

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (21778), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):21778
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.769188103585108
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:+Z8C4hGoFjlCS7FGAVsq1nwGfg4xqsQMPNE:JmJ
                                                                                                                                                                                                                                                                                                                                  MD5:73BC4067D312180A1B19A4D883F42D6A
                                                                                                                                                                                                                                                                                                                                  SHA1:AD328A9A572FBEA43F295E7769835FF08F6FF1FD
                                                                                                                                                                                                                                                                                                                                  SHA-256:D3F7B0EC4DE079928A999641E781E80F33597A392A561BC460276DFB4EFB6EEC
                                                                                                                                                                                                                                                                                                                                  SHA-512:20B89462521684C258A8CE15E94DA67182C66397B0DE528357E01294FF06883C1AD96037A9D739E4575DB8722B1A1967578709A0C844CD45A49E6A51E1B6479D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otCommonStyles.css
                                                                                                                                                                                                                                                                                                                                  Preview:#onetrust-banner-sdk{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}#onetrust-banner-sdk .onetrust-vendors-list-handler{cursor:pointer;color:#1f96db;font-size:inherit;font-weight:bold;text-decoration:none;margin-left:5px}#onetrust-banner-sdk .onetrust-vendors-list-handler:hover{color:#1f96db}#onetrust-banner-sdk:focus{outline:2px solid #000;outline-offset:-2px}#onetrust-banner-sdk a:focus{outline:2px solid #000}#onetrust-banner-sdk #onetrust-accept-btn-handler,#onetrust-banner-sdk #onetrust-reject-all-handler,#onetrust-banner-sdk #onetrust-pc-btn-handler{outline-offset:1px}#onetrust-banner-sdk.ot-bnr-w-logo .ot-bnr-logo{height:64px;width:64px}#onetrust-banner-sdk .ot-tcf2-vendor-count.ot-text-bold{font-weight:bold}#onetrust-banner-sdk .ot-close-icon,#onetrust-pc-sdk .ot-close-icon,#ot-sync-ntfy .ot-close-icon{background-size:contain;background-repeat:no-repeat;background-position:center;height:12px;width:12px}#onetrust-banner-sdk .powered-by-logo,#onetrust-banner-sdk .ot-pc-fo

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 301

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (4189)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):219946
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.540011828387694
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:AEhzgNSNow8VNM51x8a71+TYc20DCSY1KGolDHWbUs6rWDe5L+aVsQCPtK:3hewMNMNqgBDe5LfV9CPg
                                                                                                                                                                                                                                                                                                                                  MD5:1B72B5EDE93506F7FD88B32D29BD0766
                                                                                                                                                                                                                                                                                                                                  SHA1:1C1A8B606176DC2BE2BD4825AE774529B3CD140E
                                                                                                                                                                                                                                                                                                                                  SHA-256:5782B304077C59F0BF5DEB8478D81DD235E639ADC8FB107E000F57161A943239
                                                                                                                                                                                                                                                                                                                                  SHA-512:F99929D6B148160343EEE1716623B9C395F5A3346C419993601C172DAFBD55CE7D02E0FA146F70C9DF5E92C5F3873B9431D99AEDAD0B05E464AA980DB3543BB3
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.googletagmanager.com/gtag/js?id=AW-975652292&l=dataLayer&cx=c
                                                                                                                                                                                                                                                                                                                                  Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__ogt_1p_data_v2","priority":0,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameValue":"","vtp_streetValue":"","vtp_lastNameType":"CSS_SELECTOR","vtp_autoAddressEnabled":false,"vtp_regionValue":"","vtp_countryValue":"","vtp_isAutoCollectPiiEnabledFlag":false,"tag_id":2}],. "predicates"

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 302

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):3731
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.665307996305642
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:96:3c5WT9BvpXKZhUyXuXsk8hLb3Dhm2ykOooI:3c5WNXK3XuXW5UI
                                                                                                                                                                                                                                                                                                                                  MD5:9B61F79C1D5EF04ED6D6BB81D262EAA5
                                                                                                                                                                                                                                                                                                                                  SHA1:72D81F59CEB70FBA7EB600B4572BF2676C0E6F9F
                                                                                                                                                                                                                                                                                                                                  SHA-256:6A8205959EFFB107615680E13DA487E9F532B513797C83553760D7F4EBDE5A8D
                                                                                                                                                                                                                                                                                                                                  SHA-512:3FC6BC5E51FB70D102A26E48CC953AF3F7875715BD8E0EF83EC540B491F5F3087FB015855BB1A97C3FB4EE1408BCCEB41DAF935C3440A830803FAA8B186A9153
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://bat.bing.com/p/action/223000243.js
                                                                                                                                                                                                                                                                                                                                  Preview:(function(w,d,s,i) {.. var c=d.currentScript;.. if (c) {.. var uo = c.getAttribute('data-ueto');.. if (uo && w[uo] && w[uo].uetConfig && w[uo].uetConfig.deBlock === true).. return;.. }.. var f,j; f=d.getElementsByTagName(s)[0]; j=d.createElement(s); j.async=true;.. j.src='https://www.clarity.ms/tag/uet/'+i+'';.. j.onload = function () {.. if (!c) return;.. var co = function(u) { return u && typeof u === 'object' && !(u instanceof Array) && u.beaconParams && u.beaconParams.mid && w.clarity; };.. var r = 40;.. var cl = function() {.. if (r-- < 1) return;.. var uo = c.getAttribute('data-ueto');.. if (!uo) return;.. var u = w[uo];.. w.clarityuetq = w.mtagq || u;.. if (!co(u)) { setTimeout(function () { cl(); }, 250); return; }.. var m = u.beaconParams.mid;.. w.clarity('set', '_uetmid', m);.. w.clarity('metadata', (function

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 303

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):2588
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.896800194253122
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:48:z7FMMvnQwgeHOHCvG8ksYB6kQ+oORe+Orj4pdOzukUdZ6F1IcUC+SxoYXv:dRPQwgeuDfl6kBoO8+e4pdOzAudYSCM
                                                                                                                                                                                                                                                                                                                                  MD5:43D1CF4ABA38E6A2E4917698EB629712
                                                                                                                                                                                                                                                                                                                                  SHA1:DC3014AAD2A95FD450E3F86765A6349434147860
                                                                                                                                                                                                                                                                                                                                  SHA-256:3DCDE7CAF6DE5F14BAC67A471AECAEB492D1DCE03A3E6A6DB8A234B97C4CFBE2
                                                                                                                                                                                                                                                                                                                                  SHA-512:7A6E0BAF22876CBDBCD61A0202F41A2728BEFC3CEA55936EA6BA24B572AD92978BE630AC0831D578149B816B318A29C64FCF00B3713FEDAA75D30980A8893855
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.telerik.com/sfimages/default-source/productsimages/kendo-ui-complete/kendoka_icon.png?sfvrsn=922435fb_2
                                                                                                                                                                                                                                                                                                                                  Preview:.PNG........IHDR...A...A........E....pHYs...#...#.x.?v....tEXtSoftware.Adobe ImageReadyq.e<....IDATx....Uc...d5.$....(..cZ..*.".Vy,....X.<2.G..2.G.h*F*f..R....h..L..\..~_.=.s.9.17kZ...s.........;ed...1c..z...&...%.2A. .g..(7.zM2...d..1.E.*&./.h..fG.x....PP...|.H.t.d.Z.....y/..SO.SK.=M.;......V9.l.z..]..."G...q..p.`.......UMQ.F[F.....%..o&. .c ..#.j.S.Y.....8.q..:..V+1U.O.4q...c1...N..*...A..;.k.Ga.0......)......(U./.t.Z.z.D+.e.....F..s.,.<.Q.......O.P.T........._...u.....S.,....~Nph..1<i....,...1n.^.bE..].............o#....M....\*.....B... ...\e,;..l3...S....`.......!.P..>...Ak.M,T.Y..NPn.U=......c..8.(.}~W6.....^...a...0T.hN.).....Y..%...~T.Y9.........1d6....D./........,w.]..O:4g..$G.SU....*.H..>L...(...g....~Ta'.X/R.m...3..m]t_?..pxD..`......f.Ao....[.P...F...].S..n....4m.O.@1.}O.`5c{...a[<&xXp......v..{D.6...6..J.H...E.g...^d.+Yuc.:......L.......-'h.\v.......-.....[.l......).~~..cSum..4z......,.p>....l......;...<...........4.......

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 304

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (65451)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):439904
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.35737770059875
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:prBt/xkaXxsE7qQ2qSI2Ka3iD0kBNOxgzn3EcWhqlSftZ9z+s:RnxkaXKE7q8NOY2Dr
                                                                                                                                                                                                                                                                                                                                  MD5:9422AF4C8C350FB1FEE377E0E551CA5C
                                                                                                                                                                                                                                                                                                                                  SHA1:1386A131259C3A2B00DF843400150A1CF4E7A8C1
                                                                                                                                                                                                                                                                                                                                  SHA-256:A6972C49E66FE3C5026A1A1E26A06C49995CEC36FC522CB56461F5CF0B2B2978
                                                                                                                                                                                                                                                                                                                                  SHA-512:DB01105DDAE245D4660255324CA85F767F92EB3B0EA2D0BB8E246BA5DECEF8AD09687E8A48ABA9F7481099176EC3AB247826E9B8D8943C0FCF7BE4B3C167246D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
                                                                                                                                                                                                                                                                                                                                  Preview:/** . * onetrust-banner-sdk. * v202401.2.0. * by OneTrust LLC. * Copyright 2024 . */.!function(){"use strict";var N=function(e,t){return(N=Object.setPrototypeOf||({__proto__:[]}instanceof Array?function(e,t){e.__proto__=t}:function(e,t){for(var o in t)Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o])}))(e,t)};function D(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function o(){this.constructor=e}N(e,t),e.prototype=null===t?Object.create(t):(o.prototype=t.prototype,new o)}var H,R=function(){return(R=Object.assign||function(e){for(var t,o=1,n=arguments.length;o<n;o++)for(var r in t=arguments[o])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e}).apply(this,arguments)};function F(e,s,a,l){return new(a=a||Promise)(function(o,t){function n(e){try{i(l.next(e))}catch(e){t(e)}}function r(e){try{i(l.throw(e))}catch(e){t(e)}}function i(e){var t;e.done?o(e.value):((t=e.value)instanceof a?t:new a(fun

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 305

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Web Open Font Format (Version 2), TrueType, length 34640, version 1.131
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):34640
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.993552732594365
                                                                                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:1C366zXS9YQvaE7gAKd/Gc7voTQhJVgp42h042JfdKrSm:MqgXRQvaE7WZrYpzibqSm
                                                                                                                                                                                                                                                                                                                                  MD5:4562882014F7DF38316D04C4D89475EA
                                                                                                                                                                                                                                                                                                                                  SHA1:B56BD842693D3C17A9B09AF5A89100144D1CE88A
                                                                                                                                                                                                                                                                                                                                  SHA-256:5D80735B48C0F39F70E37251A2861D5470B765FB662213DA3A88D1C25867A440
                                                                                                                                                                                                                                                                                                                                  SHA-512:7D1CE83B4F217C8FF5C5B25D389C1475EFD5264C01638EBD4899B90AC560F06E8BEB3FFB962EA6C118AC5C819E7D74C97FD0F91BA43F2E03146401E5219D6124
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://d6vtbcy3ong79.cloudfront.net/fonts/2.2.7/metric/Metric-Regular.woff2
                                                                                                                                                                                                                                                                                                                                  Preview:wOF2.......P.......................8...:...........>.....R.`..`....R..s.....`..t..X.6.$........ ..I.....V[M.q...T..]...p..W..|..n.....r..D..U..p.........1..}....RDR++p.Y@..K......%...1...|T.g/[-. .......d..-..N{.......!.F[7}I....h...|..z.K.......p..j.s(Z.0..1.......$.n.4?....oE...R.e...^3...X....... ......&oy...7........F...>YM.?|....-.-.1..w..<&[.&r..l92re<_....z. ..$..J......s...x....*...E..L;gF.J{...J..,..h.5..3....O..?..P...I..w.R.1.I9...T...b....fN.M.*m. .."*(...w.q... 6.....N.EZ....e.+.Q??..~..>..}.Q.D....F....x.....y...2.h..DK.L..E...LIsu..IZ.....^.M:.L...........M..E...y.......?.U.0.1... !$.....)....{.].../.A....&.;FB.Uj....r.3.:.%.,.v.....\..,cv.\....w.....q^..0.........h.)...iU[.*."Z....<....I...4.a....".-X.^H3.....!......n.....~..8....g.2(p._.F-..... N.....;p....0.s.{..._v.dk......H@a.."...j.k0.../u..e.?...9..;.@s...!=..3^D.}.5c8.....,.H.c.Q]....1$...".g.m@....r..Y.w...U8.V....**.V\...D.=_..?..E ...|.....jl.8.$.w..c...5 !.L.!9v.kw

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 306

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):241
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.815595802294702
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6:YMpLMajpHrHaaNmXxgU04nKUM8SpuiOoBmIhM2pFhhGzT:YSMwpHrHaaNmz04FQoiOoBmP2pFL+
                                                                                                                                                                                                                                                                                                                                  MD5:93EDAC014DAFA52AB3DF4BC411DCDCB8
                                                                                                                                                                                                                                                                                                                                  SHA1:6965320F45B13CEAD10B305B978B49248ED890A1
                                                                                                                                                                                                                                                                                                                                  SHA-256:63B4D2A473F6ED74E3F22E5181554C63886FC829B5A304B52FF4A60DA5CE847E
                                                                                                                                                                                                                                                                                                                                  SHA-512:295987044487FF5C29084CC2016219B86B46C4F8B3D5F1C6D507E14A5EFFB9D8FB1DB8102360BEDB6AF737B4EF70A078781D890D56636CE4D0CBE090DE26926C
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:{"ip":"154.16.105.36","country_code":"US","country_name":"United States","region_code":"AZ","region_name":"Arizona","city":"Phoenix","zip_code":"85004","time_zone":"America/Phoenix","latitude":33.4499,"longitude":-112.0712,"metro_code":753}.

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 307

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (58324)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):650018
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.678782063557774
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:n9mTUlvgG6An2sdZheUMNgXqCHDe5LfV9C8IJ5a:nQTUtgG6An2s7ZdXf8t
                                                                                                                                                                                                                                                                                                                                  MD5:4D99E547384F0FE8A7D6B4E94091B1AD
                                                                                                                                                                                                                                                                                                                                  SHA1:CE5E37B1F07DE6FCFB7D70633FDCE9515BDA277F
                                                                                                                                                                                                                                                                                                                                  SHA-256:D6C37EE63721950F756B71464A99A0EB6FBDFE3A7FCBB2B99842474D1CE7C2B8
                                                                                                                                                                                                                                                                                                                                  SHA-512:4A34ADA038F4337CC12F3223A141ACEA829508A0BA57DD835BBD46BB126FE6243A879D787317C3A7B6540943DC34565C6B7A4AC00738CFD2B82BE30CE2EB3C93
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.googletagmanager.com/gtm.js?id=GTM-6X92
                                                                                                                                                                                                                                                                                                                                  Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"1100",. . "macros":[{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__e"},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__jsm","vtp_javascript":["template","(function(){return window.location.protocol+\"\/\/\"+window.location.host+window.location.pathname})();"]},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__jsm","vtp_javascript":["template","(function(){return function(a){var c=[\/^(?!downloads\\.cdn)[^.]*\\.?telerik\\.com$\/,\/^(?!abldojo\\.services|community)[^.]*\\.?progress.com$\/,\"kinvey.com\",\"whatsupgold.com\",\/^(?!docs)[^.]*\\

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 308

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):67
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.9522734754511992
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:YGKeMfQ2pHWiR8HnH7OE9HstmyRHfHyY:YGKed2pHDYiElkjyY
                                                                                                                                                                                                                                                                                                                                  MD5:A3C0FEF79E5AA3D558CB31F43446CC65
                                                                                                                                                                                                                                                                                                                                  SHA1:1351602A11F88D358F2BCB7B2A9E6AC778A12F32
                                                                                                                                                                                                                                                                                                                                  SHA-256:C888D85A166193FF4213885592062A1EFE7CCF72FB449150C8CC9E3767FC2EAF
                                                                                                                                                                                                                                                                                                                                  SHA-512:0D4077C40C52D7B843CD3888E761FBC7FEA31EAA61F1B8DFDFFF430674CCF7BBA59102D3955FB234AE2693872091FB9844B7825C9981BDB98341873CD4C186C4
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
                                                                                                                                                                                                                                                                                                                                  Preview:{"country":"US","state":"NV","stateName":"Nevada","continent":"NA"}

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 309

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (507)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):508
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.923119236427323
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:T+3+gdIbB9wniD+3+gdIMqB9NV0DiD+3+gdIQTB9biD+3+gdIsB9CJ:TVXB22VAqBJV2BIVwBA
                                                                                                                                                                                                                                                                                                                                  MD5:71013E9167AEAE887FCF49619715FE65
                                                                                                                                                                                                                                                                                                                                  SHA1:E81BD3ADCA65F075440D835F87409743119EB609
                                                                                                                                                                                                                                                                                                                                  SHA-256:D1566F3154CF309A6C04053F6F3B8B5FF4DA438F62A071F1C26A6007C036E76A
                                                                                                                                                                                                                                                                                                                                  SHA-512:3F1BF101CE89FFE10ADBDBDFEBC3F43D53C3A001154E6D491B7832857827DCB469EDECF4A16B9E156C748535E188E75D9325192D446406278796975182194603
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://d6vtbcy3ong79.cloudfront.net/fonts/2.2.7/css/metric.min.css
                                                                                                                                                                                                                                                                                                                                  Preview:@charset "utf-8";@font-face{font-family:Metric;src:url("../metric/Metric-Light.woff2") format("woff2");font-weight:100 300;font-display:swap}@font-face{font-family:Metric;src:url("../metric/Metric-Regular.woff2") format("woff2");font-weight:400;font-display:swap}@font-face{font-family:Metric;src:url("../metric/Metric-Medium.woff2") format("woff2");font-weight:500;font-display:swap}@font-face{font-family:Metric;src:url("../metric/Metric-Semibold.woff2") format("woff2");font-weight:600;font-display:swap}.

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 310

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (7787)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):8984
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.361985875145399
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:IbvcZKLH54wHePVCo4CkelHJB5ZAfhKwTxgfIGK8yb5JM:IbvcK+seSelvzgbrb5JM
                                                                                                                                                                                                                                                                                                                                  MD5:57ABE4FF677BEB026C5D7BA7162CB1E8
                                                                                                                                                                                                                                                                                                                                  SHA1:0C76AFD818DDEF8490167B62FFB8FBA3ADF525C0
                                                                                                                                                                                                                                                                                                                                  SHA-256:BE7949D36ECA6859775F977520DCA1F70772986395BEAC31E05122EE1541EA3E
                                                                                                                                                                                                                                                                                                                                  SHA-512:3F70E9A6A6C4011F6726A3BD04C32AFF752790E9FF726176AE8B1D252FBB87A5F50434B0D6348C88D27AE26A68E261AD7E6ADA65F2DF5251DDA7F2FAF77453D7
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://static.hotjar.com/c/hotjar-66905.js?sv=7
                                                                                                                                                                                                                                                                                                                                  Preview:window.hjSiteSettings = window.hjSiteSettings || {"site_id":66905,"r":0.4884078550956476,"rec_value":8.191999995688093e-6,"state_change_listen_mode":"manual","record":true,"continuous_capture_enabled":true,"recording_capture_keystrokes":false,"session_capture_console_consent":false,"anonymize_digits":true,"anonymize_emails":true,"suppress_all":false,"suppress_all_on_specific_pages":[],"suppress_text":true,"suppress_location":false,"user_attributes_enabled":true,"legal_name":null,"privacy_policy_url":null,"deferred_page_contents":[],"record_targeting_rules":[],"feedback_widgets":[],"heatmaps":[],"polls":[],"integrations":{"optimizely":{"tag_recordings":false},"abtasty":{"tag_recordings":false},"mixpanel":{"send_events":false},"unbounce":{"tag_recordings":false},"google_optimize":{"tag_recordings":true},"hubspot":{"enabled":false,"send_recordings":false,"send_surveys":false}},"features":["survey.embeddable_widget","feedback.embeddable_widget","client_script.compression.pc","ask.popover_r

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 311

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (638)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):20822
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.395404473632203
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:fJ1a/swXKlwWlaNhe5h6OL1+oDGvvWBlNRX2sZZg72d+U:CexaNhe5h6OR+oDkubNR7Zi6
                                                                                                                                                                                                                                                                                                                                  MD5:DB9C55B3FEDAC8D10BD097E9AA4A6B43
                                                                                                                                                                                                                                                                                                                                  SHA1:D48DD7450E3C03B2042F9D7F39080B4AC70567C5
                                                                                                                                                                                                                                                                                                                                  SHA-256:8C1D20EEDDA5C5FD996D82D5D3B87A3A6DA24735FE96458BFF21D13D3CC1D1E1
                                                                                                                                                                                                                                                                                                                                  SHA-512:D7BECD817E352245213190C1A722DEDB453A78262833210DC921F30BDFA8FBAFB2853549E687EACA4A4840A389337701DDDF3F8AF665150E2F64161EFC91DA43
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://cdn.cookielaw.org/consent/3dfce4f2-dab6-4128-9f33-df7e0597da82/otSDKStub.js
                                                                                                                                                                                                                                                                                                                                  Preview:(function(w){function x(){var a=this;this.implementThePolyfill=function(){var b=Element.prototype.setAttribute;Element.prototype.setAttribute=function(c,d){if("style"!==c.toLowerCase()&&b.apply(this,[c,d]),"style"!==c.toLowerCase()||d||this.removeAttribute("style"),"style"===c.toLowerCase()&&d){this.removeAttribute("style");var f;c=a.strToObj(d);for(f in c)this.style[f]=c[f]}}}}function A(a,b,c){function d(l){return l?(";"!==(l=l.trim()).charAt(l.length-1)&&(l+=";"),l.trim()):null}void 0===c&&(c=.!1);var f=d(a.getAttribute("style")),g=d(b);b="";b=c&&f?function(){for(var l=f.split(";").concat(g.split(";")).filter(function(B){return 0!==B.length}),m="",n="",r=l.length-1;0<=r;r--){var y=l[r].substring(0,l[r].indexOf(":")+1).trim();0>m.indexOf(y)&&(m+=y,n+=l[r]+";")}return n}():g;a.setAttribute("style",b)}function k(){var a=this;this.iabType=null;this.iabTypeAdded=!0;this.crossOrigin=null;this.isAmp=!1;this.domainId="";this.isPreview=this.isReset=!1;this.nonce=this.geoFromUrl="";this.setAt

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 312

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Web Open Font Format (Version 2), TrueType, length 34032, version 1.131
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):34032
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.992900407271375
                                                                                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:O0klUTIlUaWqtEfQVDW97f/4JjD3Mqbl+t3lxfUX6G7H8:OflUT+Wqt1AL/4JjD39blAzUXVc
                                                                                                                                                                                                                                                                                                                                  MD5:249B877FDD0EB071E09DF73645C12B71
                                                                                                                                                                                                                                                                                                                                  SHA1:344CB223DB5C230194D475800A9DDD02BACDE734
                                                                                                                                                                                                                                                                                                                                  SHA-256:9642881515BD7496BC1EBB7BAB132D109E109614E36D8ACC6731633D03797050
                                                                                                                                                                                                                                                                                                                                  SHA-512:4A2604164DBEB42878DA36E7D7EEAFE8EB12678E8410983D36C9CA10BD259299B5262EA19D9AA47EA64986BCC6EB40E78754BE434D0A595FE29ACDAAF22D3780
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://d6vtbcy3ong79.cloudfront.net/fonts/2.2.7/metric/Metric-Light.woff2
                                                                                                                                                                                                                                                                                                                                  Preview:wOF2...................J...........<...6...........>.....R.`..`....R..s..... ..3..X.6.$........ ..5.....V[x~...n..........Z......n.....]\F..t...'.u.o......vR.C..i........bBe....z.d..t`.. ..&.......`.p.V..>.D....s....'oB..^.H9.s2...2.(.b.;.4u.6..AHf;..Z.S=.....O.u.....nuHG..#u-&.=.J2l..S.........._..3..1..y..u....Gw.+3..{.R...........l....!..;.p....l.Q..0X.*...9.{I...,..../qD!..r.v.5y..(..#..;.$+_..~..}.J..D'|(........../...$.3.......H.....Q.8.By..T..Vn...6~.G].....,.A2..=.0.{.....o.T!u.*.cEX..X.J.2*7..j..EH.L:MO..O...6..q...2BrT...[.><.z.....\..@".3...b[.....f......`(.h.D.......4.h?B.!.*V.|\..T.k.......I.I.}h.....z^./...2.p..F.......G7.......8.<3i..."Z.-. @Hr...m..!."..%...]...?..f.Fb0* ...60... X..(......a-.XZl).h.i.4......v.fw.&}.'..ll,#.2.oNT.W..?a46f@R.....H..B.K^.Mn.f....F.[..I.ty ...`L.].gQ@...u.+...t.<IO.iH.......+@..............CwQ...CL......]N..Q.?W.txtR.|...#g..{....U..@}........ .=...L.]..H.J.0...n!.....0.E..............

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 313

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (65376)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):164555
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.681623231652163
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:xv09AJO708IjTejxbf2UNP9pAy7LwtF4mP5Uj7aSzJxyAA3Jt1AAo9bSJRXYGK0W:C9QRWVbuUNVyyWF4mBeJFSX1BGYR1s
                                                                                                                                                                                                                                                                                                                                  MD5:BF8D2771C0AAF780E082E3EA7098F141
                                                                                                                                                                                                                                                                                                                                  SHA1:85F7A0128C756392B1D7D4A4BECD8C2582DA27DA
                                                                                                                                                                                                                                                                                                                                  SHA-256:B51AB0E6D0E98CB3B345EBFBB2114851AC7B1724C59FD3BF71A652FEA610A838
                                                                                                                                                                                                                                                                                                                                  SHA-512:DDC6C63F64B075E91B2D38C0BBF9AEDF659FECFEADB0B0B771BF14C8C3D80CC66549B7ECFD3C64D0249579B04AA08EA82E55A17A739FDF06B788E9E8A1C2013E
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://cl.qualaroo.com/ki.js/24100/4Nr.js
                                                                                                                                                                                                                                                                                                                                  Preview:// Qualaroo for telerik.com.// (C) 2024 Qualaroo. All rights reserved..// qualaroo.com..//$ site: 19547, generated: 2024-04-10 11:45:58 UTC.//$ client: 2.0.70..if(typeof KI == 'undefined'){KI=function(){"use strict";var _,e,i,t,s,o,n,r,l,a,d,c,p,u,m,k,h,g,f,b,x,v,w,y,q,z,S,j,I,A,T,O,C,E,V,N,L,P,R,F,D,M,B,U,H,X,W,G,Y,Q,K,J,Z,$,__,e_,i_,t_,s_,o_,n_,r_,l_,a_,d_,c_,p_,u_,m_,k_,h_,g_,f_,b_,x_,v_,w_,y_,q_,z_,S_,j_,I_,A_,T_,O_,C_,E_,V_,N_,L_,P_,R_,F_,D_,M_,B_,U_,H_,X_,W_,G_,Y_,Q_,K_,J_,Z_,$_,_e,ee,ie,te,se,oe,ne,re,le,ae,de,ce,pe,ue,me,ke,he,ge,fe,be,xe,ve,we,ye,qe,ze,Se,je,Ie,Ae,Te,Oe,Ce,Ee,Ve,Ne,Le,Pe,Re,Fe,De,Me,Be,Ue,He,Xe,We,Ge,Ye,Qe,Ke,Je,Ze,$e,_i,ei,ii,ti,si,oi,ni,ri,li,ai,di,ci,pi,ui,mi,ki,hi,gi,fi,bi,xi,vi,wi,yi,qi,zi,Si,ji,Ii,Ai,Ti,Oi,Ci,Ei,Vi,Ni,Li,Pi,Ri=window,Fi=Ri.document,Di=Fi.documentElement,Mi=Fi.location,Bi=Ri.navigator,Ui=Ri.screen,Hi=Ri.getComputedStyle,Xi=function(_){return typeof _},Wi=void 0,Gi=Array,Yi=Date,Qi=Number,Ki=Object,Ji=String,Zi=Ri.JSON,$i=clearTimeout,_t=s

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 314

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):206519
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.29417172882611
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:gzBG80xEYJCEI3s1Y/H6iW3Kfzo2OL6ykU9tuqH3vRuSSlYRqp9R7B:CBwSYJCZ8qDO5kUHOlYQ/R7B
                                                                                                                                                                                                                                                                                                                                  MD5:CC3FA0EACE0361F26D862AED38BAE88B
                                                                                                                                                                                                                                                                                                                                  SHA1:A3E5256F35487D60D3745AB93F841D2A97027B18
                                                                                                                                                                                                                                                                                                                                  SHA-256:415255C5F39C7FF4E07687518C0EECA229BE0373F1990E9E4F166A1F9FD45629
                                                                                                                                                                                                                                                                                                                                  SHA-512:A3F0EDBB33BD204CD15C120245B63F6C73F06F81AF2D69ACA290D46D95F10F1A16B52C6A6AB1B1A9ACEBCE45F026DC178660E42096966C51DCF612F707D22810
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:{"DomainData":{"pccloseButtonType":"Icon","pclifeSpanYr":"Year","pclifeSpanYrs":"Years","pclifeSpanSecs":"A few seconds","pclifeSpanWk":"Week","pclifeSpanWks":"Weeks","pccontinueWithoutAcceptText":"Continue without Accepting","MainText":"Privacy Preference Center","MainInfoText":"When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalised web experience.\n\nBecause we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.","AboutText":"More information","AboutCookiesText":"Your

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 315

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (19993)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):20033
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.179510694342752
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:oo4rl6BKdcawcItq2Ct/LGBb15WN5eyJz2QW/pdpzuxHycnSrTfWPpqlqfLDHpy+:o1rl3dciItxKTOBK5fFhW/pdpzuxH8PU
                                                                                                                                                                                                                                                                                                                                  MD5:F5289F040E2E68EC01EF635E65D1160D
                                                                                                                                                                                                                                                                                                                                  SHA1:8461201FA147B8A4880B4A7E6E686EEFA952A2FF
                                                                                                                                                                                                                                                                                                                                  SHA-256:4C14B5FB02D682911D0408A0C5A914E77AE945B324C7D83152BD569F85EBAB76
                                                                                                                                                                                                                                                                                                                                  SHA-512:A18883295836E5216582D259D0B76995EEF818DC04A94709CC4D6658669CFFB68E4BAE398BF9B93746F3B1AA6FCFAF725A8E4ADACD5309932C016CAEE0B233C0
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://d6vtbcy3ong79.cloudfront.net/telerik-navigation/3.5.25/js/index.min.mjs
                                                                                                                                                                                                                                                                                                                                  Preview:!function(){"use strict";const t={activeClass:"TK-Nav-Overlay--Active"};class e{constructor(e,s){this.options=Object.assign({},t,s),this.element=e,this.activeClass=this.options.activeClass,this.hidden=!0}show(){this.hidden&&this.element&&(this.element.classList.add(this.activeClass),this.hidden=!1)}hide(){!this.hidden&&this.element&&(this.element.classList.remove(this.activeClass),this.hidden=!0)}addEventListener(t,e,s=!1){this.element&&this.element.addEventListener(t,e,s)}}const s="transition"in document.documentElement.style,n=t=>"function"==typeof t,i={hover:!1,click:!1,activeClass:"TK-Dropdown--Active",beforeOpenHook:()=>{},beforeCloseHook:()=>{}};class o{constructor(t,e){t&&(this.element=t,this.options=Object.assign({},i,e),this.closed=!0,this.running=!1,this.parent=this.options.parent||t.parentElement,this.button=this.options.button||this.parent.firstElementChild,this.beforeOpenHook=this.options.beforeOpenHook,this.beforeCloseHook=this.options.beforeCloseHook,this.init())}run(){i

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 316

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (5140)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):66411
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.32943921153809
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:RJeUwT76HXltMHM9eEqJ1UJnTZ02LKVlEyN:RIT7OX4s9eZYtj8ltN
                                                                                                                                                                                                                                                                                                                                  MD5:543B4B164CD7BC65EA500A416CBF170C
                                                                                                                                                                                                                                                                                                                                  SHA1:D23BC6CEB89ECECBC9E271ADF67CD7A530D97E92
                                                                                                                                                                                                                                                                                                                                  SHA-256:E8D0D656F8485909F397F27858B26423465D6A6F7EAC39FA62DF88867835FB9C
                                                                                                                                                                                                                                                                                                                                  SHA-512:E1F45B9C3B4CD4C5AEE5A0DAA365939E884A4887E1C6655C79195BC5D412D61506B437F4703467EEC19C3A41E5D6CBB9019F75D331EEAC04E33092BEE79051E1
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://connect.facebook.net/signals/config/1444093252502226?v=2.9.154&r=stable&domain=www.telerik.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
                                                                                                                                                                                                                                                                                                                                  Preview:/**.* Copyright (c) 2017-present, Facebook, Inc. All rights reserved..*.* You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook..*.* As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software..*.* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 317

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (6216)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):6217
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.146261761606895
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:xELuE2KC/lIfYj0wMKOHOMAGIvjG5BoAKK5rHjnuodO9k:x+xe0hKOuMA57Gjoo5rD3dO9k
                                                                                                                                                                                                                                                                                                                                  MD5:1D75EFAB0FFDF8A025BD7C15E886C753
                                                                                                                                                                                                                                                                                                                                  SHA1:B89CE8787FD8B4C4F87F97901B28D42F696FC605
                                                                                                                                                                                                                                                                                                                                  SHA-256:1D5CFE14D65ACCC4BD1DF0D7C3BB65BE70D0F4E94A5F9D40465343A2807548AE
                                                                                                                                                                                                                                                                                                                                  SHA-512:BE556C42FD60C566D8364F8922C9545E49BB48B8AB2B39ADD30D67F6831FC03C135EF0603B488FCE486D54161063F59150327FAF09E72A64B920D40A3F039624
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://rum-static.pingdom.net/prum.min.js
                                                                                                                                                                                                                                                                                                                                  Preview:!function(){"use strict";function t(t,e){return Object.keys(t).map((function(n){return n+"="+(e?t[n]:encodeURIComponent(t[n]))})).join("&")}function e(t,e){var n,o,r={};return t&&"string"==typeof t?(t.trim().split("&").forEach((function(t){n=t.indexOf("="),o=t.substring(n+1),r[t.substr(0,n)]=e?o:decodeURIComponent(o)})),r):r}function n(t){return t instanceof Date&&(t=t.valueOf()),"number"==typeof t&&parseInt(t.toString().substring(0,10),10)}function o(){var t={},e=arguments;e[0]instanceof Array&&(e=e[0]);for(var n=0,a=e.length;n<a;n++){var s=e[n];if(r(s))s=o(s);else if(!i(s))continue;Object.keys(s).forEach((function(e){s.hasOwnProperty(e)&&(t[e]=s[e])}))}return t}function r(t){return"[object Array]"===Object.prototype.toString.call(t)}function i(t){return"[object Object]"===Object.prototype.toString.call(t)}function a(e,n,r,a){function s(s,c){var u=a||!1;if(i(c)&&(c=o({id:n.getSiteID()},c)),"GET"===s&&(r=function(e){return r+"?"+t(e)}(c)),-1!==e.navigator.appName.indexOf("Internet Expl

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 318

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Web Open Font Format (Version 2), TrueType, length 32412, version 1.131
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):32412
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.993015655514893
                                                                                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:CTRE0P8rgUJNQIdN8Z5W/A1aRndBnwESJjs2gnXs2XZTpzQ:CTZP9UjTPIW/A0RndBwBjsxXfl8
                                                                                                                                                                                                                                                                                                                                  MD5:C8B62860D3E187860F9EB25AE4B5EA0E
                                                                                                                                                                                                                                                                                                                                  SHA1:426F75FE868E4ED43556000FD2ADB28C112114FE
                                                                                                                                                                                                                                                                                                                                  SHA-256:E8DFD28C31CD9887ABF07A330C4066D42653792733222E1D7508B4F6AC25B446
                                                                                                                                                                                                                                                                                                                                  SHA-512:E97A9152952C4812C8C7E6C0D00FBE11B62FE849C565493C7353B9EA0861729E6290AE7CE4625800AB9A5DB215405DC7019A8056F65D078A81CC9C04DD94A422
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://d6vtbcy3ong79.cloudfront.net/fonts/2.2.7/metric/Metric-Medium.woff2
                                                                                                                                                                                                                                                                                                                                  Preview:wOF2......~.......jX..|.......}d...8...8...........$.....[.`..`..6.4..s.....d.....$.6.$..>..0.. ..?..X..O[.O...n..7H....f.*..%x...z....A...Aw.{J.{........Td.&..............p...6...Q..@.1n.....+.F...*.mT.-..r.G.9.l5.....q..E1....z..Z...Qb..M-.b0..f>=..p.[......O..d...L....".P.3D....$=<.rd.'...p..8.9.jX....2Qu........N2.E/....../t....}M{Q.srOE....Y...s.0k.V.^..Nx.t...b.....j4b.o.m...<FD.^U.?}g..k.......#M&.d......a.}...?._..a..d..v..`....W.......U.l\.FKF.2Sc........f..@..#k...c.....#.E..D...H\.>6Faa``..=...........Q3.?M.>.....~.@.Q........''S.!o..t:.,/.<J..;........3&.-.L....=(.`l...B.\B.>.2.hF.....V..,C..M.s}....\G...R..........j..nPh...[...f..5C.(....i.X4.h......<.e)...K..q.J.1.8..s,..P.^y.(...:...o..:.....r9@....?@{`k.5.+W.$I.$I.$......dV...<...T>...J...p.e...K..p.n....,.E...K........@.H.\].........O{.x..V}1"1;......*..._...U. t.}.v18..!...V!.sdJ.0r..u..@.nU.-r.....pbZ....&.|.s).....BE....[....itW..k......._.N*[.8...N2.m......MlQ..

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 319

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Web Open Font Format (Version 2), TrueType, length 35758, version 1.131
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):35758
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.99380899225104
                                                                                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:WSQZ2UeSOE1Qp25f31PGFL/NXUrwRzkgy3JHzgM3sAHXSS:bQZReSn1VtPclXUrS+JHzgMcAHp
                                                                                                                                                                                                                                                                                                                                  MD5:EDBB294CE5BB567F873A96D00F1F8813
                                                                                                                                                                                                                                                                                                                                  SHA1:3ADD27C280D1C5E3804D453ACC1A5FD86D805094
                                                                                                                                                                                                                                                                                                                                  SHA-256:30C970EED7BC24DBD036EBF22B16FECF9E5DFFFC1442C3379236C43D3797A596
                                                                                                                                                                                                                                                                                                                                  SHA-512:2B701736491E4FDB9308E5285C2FE279729579FA8EBACE7BAED3504A7023EF8AAFA27CABA5F89C14EF7380CDA74973AA9A67F1512C5621EDE9333A09ED695BD2
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://d6vtbcy3ong79.cloudfront.net/fonts/2.2.7/metric/Metric-Semibold.woff2
                                                                                                                                                                                                                                                                                                                                  Preview:wOF2...............`...........p...>...<...........^..<..Y.`..`..,.F..s.....h..Y..`.6.$..6..,.. ..S..m...[.....=-..6..U=......... .fI.\7..[.Yx.v..-......._.Td..i...!.*.....yH..D.. b.N.LA9T.....(].k.j.5 x......R..}..\..r.F....M._.3.>q.]6..k.j.O..;..4....J.Ap..U.v.p....k...!...0..7.8.J.M.U..A..]...0\q:.:S.B 7..!9C/E...7N.9.o....{.j.....d..+..9......+.x..kqX..]`....#....Fk...')..r..$T]u..RT..C....V.G.{.W..,....T.:.&...U7....2...#.b.U.W...?...J*P#..v{9..A.../.......M.#/.D..A..fH-.H..f....fi^.j..3bg.j..T&..)...P-......].9.....#...*d.B.$.Q-...v.......{..... ..6b.....x.8+...........02..b&_....z...E....!....)`.....SHB.:E...~.....R$.o..J\.M......sO...YU.._......!n<.t..{.F.^..c........)<.V........t/.9...*k.B.%....&..JS...m.6.q............jtJd....@2..I...m.[.SI.).n._.....W....Q.1L....d...r...|p..C..K.L...*%<...kh.<.$..8U6.U...... .J...!4R,..f.&{Y(.b#e..0..(....n;?.P..x......Ls......* Kt.e,'..q....g.U..3.WZ..l[...gu.u.._u..}...O..Fm.L......2B.Q...c...j.

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 320

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):953
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.264600346715705
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:5o7iEfbRklr3w9lT91toiQ/+OV7e7hbu+jomm2Y:+LfM091t9Q/Va7o+8mPY
                                                                                                                                                                                                                                                                                                                                  MD5:5BC6618FDAF65ED3A23E5EE17295291B
                                                                                                                                                                                                                                                                                                                                  SHA1:EA8A4B57D04B932C6C3EA7627EEB2BD6D3F26A47
                                                                                                                                                                                                                                                                                                                                  SHA-256:2BA36D93F77475018B08244FF704D516FE68D980D92638849A008F731B6438B5
                                                                                                                                                                                                                                                                                                                                  SHA-512:D76BBA5E2D3B550A86AA7B2CAE88E2659EF65877830A5F70FD1A9827763E3D46F223A4BF46FF0E0A7E5A10C1662E71E25D3A7AF0B3629119AD6C9B9753B9FB86
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:"https://www.telerik.com/RestApi/personalizations/render?pageNodeId=5ceb4be1-05bd-4c69-892a-2c2bbd37538b&pageDataId=1f960fad-aef2-4475-8978-52fb7a29dbc9&pageNodeKey=5CEB4BE1-05BD-4C69-892A-2C2BBD37538B/b31ca85c-a1c5-4a9d-8b5d-e7b0736a8b16/SitefinitySiteMap&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&controls=09f9bb4f-5990-40af-b361-7849c73c9604_1,0cd3f511-e7d9-4e23-8773-26005ae09893_1,25637a62-a321-49a0-8b7e-5962dc977e95_1,6b5ac4dc-8fd0-4043-bd0a-e9ffd31e3bc8_1&correlationId=lvd0q0oezinv502q4f"
                                                                                                                                                                                                                                                                                                                                  Preview:[{"ControlId":"09f9bb4f-5990-40af-b361-7849c73c9604","Content":"<hr class=\"u-mt4 u-mb6\" /><h2>Do you need to build complex UI fast? </h2>"},{"ControlId":"0cd3f511-e7d9-4e23-8773-26005ae09893","Content":"\r\n\r\n <div class=\"u-tar\">\r\n <img src=\"https://www.telerik.com/sfimages/default-source/productsimages/kendo-ui-complete/kendoka_icon.png?sfvrsn=922435fb_2\" />\r\n </div>\r\n"},{"ControlId":"25637a62-a321-49a0-8b7e-5962dc977e95","Content":"\r\n\r\n<p class=\"u-fs20\"><a href=\"https://www.telerik.com/kendo-ui\">Try Kendo UI</a>: a complete JavaScript UI component library that allows you to quickly build eye-catching, responsive and performant web apps using jQuery, Angular, React or Vue. Speed up your development: access this large library of high-quality components, from sophisticated grids and charts to buttons and menus!</p>"},{"ControlId":"6b5ac4dc-8fd0-4043-bd0a-e9ffd31e3bc8","Content":""}]

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 321

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (1504), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):1504
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.220464607812732
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:cjXz2YRhXVdpJnNjxdTPVyp0QRXKvbtJlNnTiBiDQfHEhOlrI3oG5t:YaShldJxdTPVyi1vHvsfHEQVI31t
                                                                                                                                                                                                                                                                                                                                  MD5:40722D9E1D8FAEF94FF280942C4195EF
                                                                                                                                                                                                                                                                                                                                  SHA1:022EAFFDD04D6434AE9D98E787BB8B3E7B9BDEE1
                                                                                                                                                                                                                                                                                                                                  SHA-256:99351CD9107CB14F24DB794523F2F01ADA5D93853BFA5717121AE353336FE49E
                                                                                                                                                                                                                                                                                                                                  SHA-512:F940281F35000E0144DF891354A4BCF69F1A131BC4C8AD766E149107DF53531C5B4573FE1FDAB57EFC2D8C743068A44B32FB27F7085926240954F9DBBA6ECC42
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://d6vtbcy3ong79.cloudfront.net/external-assets/1.0.22/utils/store-lead-data.min.js
                                                                                                                                                                                                                                                                                                                                  Preview:!function(){"use strict";function a(e,h){for(var c=null,f=h.split("&"),d=0;d<f.length;d++){var b=f[d].split("=");if(b[0]===e)return b[1];"ReturnUrl"===b[0]&&(c=b[1])}if(c){var g=unescape(c).split("?");if(g.length>1)return a(e,g[1])}}var j=function(){for(var b=[".telerik.com",".ipswitch.com",".whatsupgold.com",".progress.com",".chef.io",".kemptechnologies.com","kemptechnologies.com",".flowmon.com", "freeloadbalancer.com"],c=window.location.hostname,a=0;a<b.length;a++)if(-1!=c.indexOf(b[a]))return b[a];return null}();if(!function(e){for(var c=e+"=",d=decodeURIComponent(document.cookie).split(";"),b=0;b<d.length;b++){for(var a=d[b];" "===a.charAt(0);)a=a.substring(1);if(0===a.indexOf(c))return a.substring(c.length,a.length)}return null}("prgs_utm")&&j){var b=window.location.search.substring(1),d=a("utm_source",b),e=a("utm_medium",b),f=a("utm_campaign",b),g=a("utm_content",b),h=a("utm_term",b),i=document.referrer?document.referrer:void 0;if(d||e||f||g||h||i){if(!d&&!e&&!f&&!g&&!h){var c=ne

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 322

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (35526), with NEL line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):94660
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.326943116342795
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:qx2LXx38FgcQ/CscrsyhvB2zR3mix2fBG2Yxsj6p4egnlGJEE3ViqnsHe33OCHZs:qx2VjiXrL2T+V0QGeMnmY3vVaq6SQtk4
                                                                                                                                                                                                                                                                                                                                  MD5:06FF9A1F9EC9B3530181DEB602734487
                                                                                                                                                                                                                                                                                                                                  SHA1:B3485D7DDE1EC57A3915D1079237C8C34A5198C1
                                                                                                                                                                                                                                                                                                                                  SHA-256:3A6010648EF6C726A291C5471AA8BDB555904B0639BE98A7F159F8752F1A2F5D
                                                                                                                                                                                                                                                                                                                                  SHA-512:15681CF8EE2D7A67312F46C137C2CA3B98ADA59BEA3FA623248453634FC3DF851888134E86E73C7E6DF339E5163F930B8ECC4ADAD5C3D51F0A0EBFA0A750BF32
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://dtzbdy9anri2p.cloudfront.net/cache/b3485d7dde1ec57a3915d1079237c8c34a5198c1/telerik/js/dist/polyfills.min.js
                                                                                                                                                                                                                                                                                                                                  Preview:!function(){"use strict";var L="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};function t(t,e){return t(e={exports:{}},e.exports),e.exports}function e(t){return t&&t.Math==Math&&t}function y(t){try{return!!t()}catch(t){return!0}}function o(t,e){return{enumerable:!(1&t),configurable:!(2&t),writable:!(4&t),value:e}}function i(t){return j(x(t),8,-1)}function d(t){if(null==t)throw R("Can't call method on "+t);return t}function s(t){return P(d(t))}function O(t){return"function"==typeof t}function g(t){return"object"==typeof t?null!==t:O(t)}function n(t,e){return arguments.length<2?function(t){return O(t)?t:void 0}(b[t]):b[t]&&b[t][e]}var r,a,b=e("object"==typeof globalThis&&globalThis)||e("object"==typeof window&&window)||e("object"==typeof self&&self)||e("object"==typeof L&&L)||function(){return this}()||Function("return this")(),h=!y(function(){return 7!=Object.defineProperty({},1,{get:function(

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 323

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (31952)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):51997
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.204962183121607
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:nWoeUZEdA6kJnaR49DefwM4eA7ErNJ3zy2TwhOB:WoeUZYA6kJnaR49DefwM4/7Ern9B
                                                                                                                                                                                                                                                                                                                                  MD5:6ED083A6DC588DDBBB7CBAAA0B095D12
                                                                                                                                                                                                                                                                                                                                  SHA1:E0AD9E1F12075619ECB6C998882CC32D31467F1F
                                                                                                                                                                                                                                                                                                                                  SHA-256:67A10995EB77CE1B1E0B0A368965E39AD949D5E45867092F577B86EB4FEFB587
                                                                                                                                                                                                                                                                                                                                  SHA-512:DFB1F3E81B29D3D4CFEEACDD331A84D5D7013AF4D90C77A86253990224B929254C84C3EA283DA47F998353964EB5AECD1E8ACE76B56B0D27E7519A7516A94621
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://cdn.insight.sitefinity.com/sdk/sitefinity-insight-client.min.3.1.13.js
                                                                                                                                                                                                                                                                                                                                  Preview:var sfDataIntell=sfDataIntell||{};sfDataIntell.constants={sdkVersion:"js-3.1.36",cookieName:"sf-data-intell-subject",docsCookieName:"sf-ins-lst-doc-trckd",sessionCookieName:"sf-ins-ssid",pageVisitIdCookieName:"sf-ins-pv-id",sfTrackingIdsStorageKey:"sf-tr-ids-storage",sfSessionIdsStorageKey:"sf-ss-ids-storage",endpoints:{apiServer:"https://api.insight.sitefinity.com"},headers:{authorization:"Authorization",datacenterkey:"x-dataintelligence-datacenterkey",subject:"x-dataintelligence-subject",ids:"x-dataintelligence-ids",datasource:"x-dataintelligence-datasource",contacts:"x-dataintelligence-contacts",sdkVersion:"x-dataintelligence-sdk-version"},crossDomainTrackingMessages:{getClientGroup:"getClientGroup",setClientTestGroup:"setClientTestGroup",getClientJourney:"getClientJourney",setClientJourney:"setClientJourney",hubReady:"hubReady"},crossDomainTrackingQueryParamKey:"instrck",crossDomainTrackingParams:{apiKeyParam:"a",subjectIdParam:"s",dataSourceParam:"d",timeCreatedParam:"t",sessionId

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 324

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):953
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.264600346715705
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:5o7iEfbRklr3w9lT91toiQ/+OV7e7hbu+jomm2Y:+LfM091t9Q/Va7o+8mPY
                                                                                                                                                                                                                                                                                                                                  MD5:5BC6618FDAF65ED3A23E5EE17295291B
                                                                                                                                                                                                                                                                                                                                  SHA1:EA8A4B57D04B932C6C3EA7627EEB2BD6D3F26A47
                                                                                                                                                                                                                                                                                                                                  SHA-256:2BA36D93F77475018B08244FF704D516FE68D980D92638849A008F731B6438B5
                                                                                                                                                                                                                                                                                                                                  SHA-512:D76BBA5E2D3B550A86AA7B2CAE88E2659EF65877830A5F70FD1A9827763E3D46F223A4BF46FF0E0A7E5A10C1662E71E25D3A7AF0B3629119AD6C9B9753B9FB86
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:"https://www.telerik.com/RestApi/personalizations/render?pageNodeId=5ceb4be1-05bd-4c69-892a-2c2bbd37538b&pageDataId=1f960fad-aef2-4475-8978-52fb7a29dbc9&pageNodeKey=5CEB4BE1-05BD-4C69-892A-2C2BBD37538B/b31ca85c-a1c5-4a9d-8b5d-e7b0736a8b16/SitefinitySiteMap&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&controls=09f9bb4f-5990-40af-b361-7849c73c9604_1,0cd3f511-e7d9-4e23-8773-26005ae09893_1,25637a62-a321-49a0-8b7e-5962dc977e95_1,6b5ac4dc-8fd0-4043-bd0a-e9ffd31e3bc8_1&correlationId=lvd0qj2kn097okrw3nn"
                                                                                                                                                                                                                                                                                                                                  Preview:[{"ControlId":"09f9bb4f-5990-40af-b361-7849c73c9604","Content":"<hr class=\"u-mt4 u-mb6\" /><h2>Do you need to build complex UI fast? </h2>"},{"ControlId":"0cd3f511-e7d9-4e23-8773-26005ae09893","Content":"\r\n\r\n <div class=\"u-tar\">\r\n <img src=\"https://www.telerik.com/sfimages/default-source/productsimages/kendo-ui-complete/kendoka_icon.png?sfvrsn=922435fb_2\" />\r\n </div>\r\n"},{"ControlId":"25637a62-a321-49a0-8b7e-5962dc977e95","Content":"\r\n\r\n<p class=\"u-fs20\"><a href=\"https://www.telerik.com/kendo-ui\">Try Kendo UI</a>: a complete JavaScript UI component library that allows you to quickly build eye-catching, responsive and performant web apps using jQuery, Angular, React or Vue. Speed up your development: access this large library of high-quality components, from sophisticated grids and charts to buttons and menus!</p>"},{"ControlId":"6b5ac4dc-8fd0-4043-bd0a-e9ffd31e3bc8","Content":""}]

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 325

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (21778), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):21778
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.769188103585108
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:+Z8C4hGoFjlCS7FGAVsq1nwGfg4xqsQMPNE:JmJ
                                                                                                                                                                                                                                                                                                                                  MD5:73BC4067D312180A1B19A4D883F42D6A
                                                                                                                                                                                                                                                                                                                                  SHA1:AD328A9A572FBEA43F295E7769835FF08F6FF1FD
                                                                                                                                                                                                                                                                                                                                  SHA-256:D3F7B0EC4DE079928A999641E781E80F33597A392A561BC460276DFB4EFB6EEC
                                                                                                                                                                                                                                                                                                                                  SHA-512:20B89462521684C258A8CE15E94DA67182C66397B0DE528357E01294FF06883C1AD96037A9D739E4575DB8722B1A1967578709A0C844CD45A49E6A51E1B6479D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:#onetrust-banner-sdk{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}#onetrust-banner-sdk .onetrust-vendors-list-handler{cursor:pointer;color:#1f96db;font-size:inherit;font-weight:bold;text-decoration:none;margin-left:5px}#onetrust-banner-sdk .onetrust-vendors-list-handler:hover{color:#1f96db}#onetrust-banner-sdk:focus{outline:2px solid #000;outline-offset:-2px}#onetrust-banner-sdk a:focus{outline:2px solid #000}#onetrust-banner-sdk #onetrust-accept-btn-handler,#onetrust-banner-sdk #onetrust-reject-all-handler,#onetrust-banner-sdk #onetrust-pc-btn-handler{outline-offset:1px}#onetrust-banner-sdk.ot-bnr-w-logo .ot-bnr-logo{height:64px;width:64px}#onetrust-banner-sdk .ot-tcf2-vendor-count.ot-text-bold{font-weight:bold}#onetrust-banner-sdk .ot-close-icon,#onetrust-pc-sdk .ot-close-icon,#ot-sync-ntfy .ot-close-icon{background-size:contain;background-repeat:no-repeat;background-position:center;height:12px;width:12px}#onetrust-banner-sdk .powered-by-logo,#onetrust-banner-sdk .ot-pc-fo

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 326

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (7166)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):7167
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.190466201372114
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:HA0hI++t++85Qfyq8SH2qA4qXOv77NTo6msdA:g0hIjjYq4ifNav
                                                                                                                                                                                                                                                                                                                                  MD5:A5451F021D9CF7B2205C27DA50B288DE
                                                                                                                                                                                                                                                                                                                                  SHA1:5C1B8DBAC95F648FD22F6C6E889AAABA6E3747D0
                                                                                                                                                                                                                                                                                                                                  SHA-256:8C0E1F95AA09754B10449FD8CD7F2E76D8F232D1038B6CF7454DB558AC79962E
                                                                                                                                                                                                                                                                                                                                  SHA-512:564F9F100775FDB6CE2987A7864D2300D600B9A3B88DCBF65A26AE5AE1F0C4B6D4928F55B0ABB0459C6183DA7D40DD7D36F8C11154BFC9546841E1139BF8C9BB
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.iife.js
                                                                                                                                                                                                                                                                                                                                  Preview:var webVitals=function(e){"use strict";var n,t,r,i,o,a=-1,c=function(e){addEventListener("pageshow",(function(n){n.persisted&&(a=n.timeStamp,e(n))}),!0)},u=function(){return window.performance&&performance.getEntriesByType&&performance.getEntriesByType("navigation")[0]},s=function(){var e=u();return e&&e.activationStart||0},f=function(e,n){var t=u(),r="navigate";a>=0?r="back-forward-cache":t&&(document.prerendering||s()>0?r="prerender":document.wasDiscarded?r="restore":t.type&&(r=t.type.replace(/_/g,"-")));return{name:e,value:void 0===n?-1:n,rating:"good",delta:0,entries:[],id:"v3-".concat(Date.now(),"-").concat(Math.floor(8999999999999*Math.random())+1e12),navigationType:r}},d=function(e,n,t){try{if(PerformanceObserver.supportedEntryTypes.includes(e)){var r=new PerformanceObserver((function(e){Promise.resolve().then((function(){n(e.getEntries())}))}));return r.observe(Object.assign({type:e,buffered:!0},t||{})),r}}catch(e){}},l=function(e,n,t,r){var i,o;return function(a){n.value>=0&&(

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 327

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:GIF image data, version 89a, 1 x 1
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):43
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):2.7374910194847146
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:CU9yltxlHh/:m/
                                                                                                                                                                                                                                                                                                                                  MD5:DF3E567D6F16D040326C7A0EA29A4F41
                                                                                                                                                                                                                                                                                                                                  SHA1:EA7DF583983133B62712B5E73BFFBCD45CC53736
                                                                                                                                                                                                                                                                                                                                  SHA-256:548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
                                                                                                                                                                                                                                                                                                                                  SHA-512:B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://q.quora.com/_/ad/f3942e2f1f7d449b81784d171e274880/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run
                                                                                                                                                                                                                                                                                                                                  Preview:GIF89a.............!.......,...........D..;

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 328

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):13614
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.21163185311822
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:7Iy0clDjbn42OXOw85csXf1NFyNg/OoH6iAHyPtJJAR:7Iy5F/i
                                                                                                                                                                                                                                                                                                                                  MD5:9B1F8DDF85FB0CBFD926FAACB1FC0405
                                                                                                                                                                                                                                                                                                                                  SHA1:ADE7F952C70F07FD3497CD3E8656CA1F28C78633
                                                                                                                                                                                                                                                                                                                                  SHA-256:F4AAA18C55C90588C5E828E56DCC6B2CB0ACF9A4280494C7D1A53FC5E3669112
                                                                                                                                                                                                                                                                                                                                  SHA-512:E4459B7442F642BAB997BCA930530D2353ED53E24CA0F7D7A6ADED68CF6852693EEDFBC4594FEB4D80BBA779F566BA8918D3462C690F70D277D3E2C155C02280
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:. {. "name": "otFlat",. "html": "PGRpdiBpZD0ib25ldHJ1c3QtYmFubmVyLXNkayIgY2xhc3M9Im90RmxhdCI+PGRpdiByb2xlPSJhbGVydGRpYWxvZyIgYXJpYS1kZXNjcmliZWRieT0ib25ldHJ1c3QtcG9saWN5LXRleHQiPjxkaXYgY2xhc3M9Im90LXNkay1jb250YWluZXIiPjxkaXYgY2xhc3M9Im90LXNkay1yb3ciPjxkaXYgaWQ9Im9uZXRydXN0LWdyb3VwLWNvbnRhaW5lciIgY2xhc3M9Im90LXNkay1laWdodCBvdC1zZGstY29sdW1ucyI+PGRpdiBjbGFzcz0iYmFubmVyX2xvZ28iPjwvZGl2PjxkaXYgaWQ9Im9uZXRydXN0LXBvbGljeSI+PGgyIGlkPSJvbmV0cnVzdC1wb2xpY3ktdGl0bGUiPlRpdGxlPC9oMj48ZGl2IGlkPSJvbmV0cnVzdC1wb2xpY3ktdGV4dCI+dGl0bGU8YSBocmVmPSIjIj5wb2xpY3k8L2E+PC9kaXY+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRhaW5lciI+PGgzIGNsYXNzPSJvdC1kcGQtdGl0bGUiPldlIGNvbGxlY3QgZGF0YSBpbiBvcmRlciB0byBwcm92aWRlOjwvaDM+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRlbnQiPjxwIGNsYXNzPSJvdC1kcGQtZGVzYyI+ZGVzY3JpcHRpb248L3A+PC9kaXY+PC9kaXY+PC9kaXY+PC9kaXY+PGRpdiBpZD0ib25ldHJ1c3QtYnV0dG9uLWdyb3VwLXBhcmVudCIgY2xhc3M9Im90LXNkay10aHJlZSBvdC1zZGstY29sdW1ucyI+PGRpdiBpZD0ib25ldHJ1c3QtYnV0dG9uLWdyb3VwIj48YnV0dG

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 329

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                  MD5:99914B932BD37A50B983C5E7C90AE93B
                                                                                                                                                                                                                                                                                                                                  SHA1:BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F
                                                                                                                                                                                                                                                                                                                                  SHA-256:44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
                                                                                                                                                                                                                                                                                                                                  SHA-512:27C74670ADB75075FAD058D5CEAF7B20C4E7786C83BAE8A32F626F9782AF34C9A33C2046EF60FD2A7878D378E29FEC851806BBD9A67878F3A9F1CDA4830763FD
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:{}

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 330

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):4850
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.970526993126406
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:96:npyIN40wawOxa6upiyCBHxYa6AygijMjVjJjeW5hp0F:FkawMZSiyM6vgG8dJtLS
                                                                                                                                                                                                                                                                                                                                  MD5:7F07B81C4381106F15263E225FEB5F66
                                                                                                                                                                                                                                                                                                                                  SHA1:4562904593887507207FCCE5C537707E9DCD1CF3
                                                                                                                                                                                                                                                                                                                                  SHA-256:E030DB2E4F035CA98047DF2E3B362FC68A2405C5CA5292AB2106116B97792182
                                                                                                                                                                                                                                                                                                                                  SHA-512:88175689FCE4898927092CA48D00906A2E0315EED24A5E55BCD214D96A077A1232DBD8588B1BB50C68094F869BB665B85D22B7C49687F3B4E44E3B9F105FB9A4
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://cdn.cookielaw.org/consent/3dfce4f2-dab6-4128-9f33-df7e0597da82/3dfce4f2-dab6-4128-9f33-df7e0597da82.json
                                                                                                                                                                                                                                                                                                                                  Preview:{"CookieSPAEnabled":false,"CookieSameSiteNoneEnabled":false,"CookieV2CSPEnabled":false,"MultiVariantTestingEnabled":false,"UseV2":true,"MobileSDK":false,"SkipGeolocation":false,"ScriptType":"PRODUCTION","Version":"202401.2.0","OptanonDataJSON":"3dfce4f2-dab6-4128-9f33-df7e0597da82","GeolocationUrl":"https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location","BulkDomainCheckUrl":"https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck","RuleSet":[{"Id":"c3495855-ffc3-4e68-811b-b5d8201ac53c","Name":"California","Countries":[],"States":{"us":["ca"]},"LanguageSwitcherPlaceholder":{"default":"en"},"BannerPushesDown":false,"Default":false,"Global":false,"Type":"GDPR","UseGoogleVendors":false,"VariantEnabled":false,"TestEndTime":null,"Variants":[],"TemplateName":"GDPR Template - Telerik.Com - Non EU","Conditions":[],"GCEnable":false,"IsGPPEnabled":false,"EnableJWTAuthForKnownUsers":false},{"Id":"7be79de2-14b0-4002-a6d6-0b9dabd1281e","Name":"EU","Countries":["de","no","be","fi",

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 331

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:HTML document, ASCII text, with very long lines (19477), with CRLF, LF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):63475
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.587115527319751
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:xvM0Axw4DFAEIz9N2tHV9O6zE9u0jBaPNDBxkBxf/EFRZA3/03C3C38X3W3G3qmX:xvMo454kh5DBxkBxEFFnliYPAlf/t
                                                                                                                                                                                                                                                                                                                                  MD5:347518161549CC8638225CA9969E3AAF
                                                                                                                                                                                                                                                                                                                                  SHA1:0F95221E86DE17AD67C8DD1BD6820B3905443AA5
                                                                                                                                                                                                                                                                                                                                  SHA-256:65828F04ED63D07DBDB922DEC61798ACF4D03400CD81B34483B948D006122A49
                                                                                                                                                                                                                                                                                                                                  SHA-512:0A5A944FDEDFB9297FCA5418F38E3AE28510AEF113885E664FB8EF8C6D27FFA7356A93A7F09D2B073278B830ACA498F8F1055DD13744766A74B387DBA61938CA
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  Preview: <!doctype html> <html id="html" lang="en"> <head> <meta charset="utf-8" /><script type="text/html" id="sf-tracking-consent-manager">...<div id="tracking-consent-dialog" style="display:none" />..</script><script type="text/javascript" src="/WebResource.axd?d=DzHrpQl5URXarFHAtrmzFsPwWIExaUeLHf3gTuslFxiRsjc9gU89IWbLw9lFnSTXl5qZVz-0iBHHB3aQBiGWPYzKfk3ndhT8iH1RSf_M6Sk7X3EWbQzPMVpb-rxAUHFQlncyLjOo3RP6E9HfRXn18roSCYCGCRaVqv9jyNWgJTH95Urh0&amp;t=638477158040000000">....</script> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta name="viewport" content="width=device-width, initial-scale=1" /> <link rel="shortcut icon" href="/favicon.ico?v=rebv1" /> <link href="https://dtzbdy9anri2p.cloudfront.net/cache/b6ce06a57a51347c21d7af30873baa8620408fd6/telerik/css/style.css" rel="stylesheet" type="text/css"> <title>...First run..</title> <meta name="robots" content="noindex" /><meta property="og:title" content="First run" /><meta property="og:url" content="https://www.telerik.com/download/fi

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 332

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (24605)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):41679
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.4936189279113625
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:1keY2FL4rhkGfV8Cj7szizyzMzKNSu3eq9zdlN:qe/+hkGfVXFu5XN
                                                                                                                                                                                                                                                                                                                                  MD5:87B5ECAAFD0E88097CBBB1BBB7695FE9
                                                                                                                                                                                                                                                                                                                                  SHA1:085D5B2112BB1AFA26B03B94183B6EEDC2F076B4
                                                                                                                                                                                                                                                                                                                                  SHA-256:5AF5EE0B37B1F0EF31C42932BBF81424E4BB53E95E87A47E058625C1AF2245DB
                                                                                                                                                                                                                                                                                                                                  SHA-512:C760FA5130EF53C99F4DC88E8843500022E63B2324C1EC8DC6C8F510C31A3CB784F0D38908C6F932E96BD566A0464A11EFD723AD73E72CA99626138A48C73092
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://a.quora.com/qevents.js
                                                                                                                                                                                                                                                                                                                                  Preview:!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define([],e):"object"==typeof exports?exports.qevents=e():t.qevents=e()}(this,function(){return function(t){function e(n){if(r[n])return r[n].exports;var i=r[n]={i:n,l:!1,exports:{}};return t[n].call(i.exports,i,i.exports,e),i.l=!0,i.exports}var r={};return e.m=t,e.c=r,e.d=function(t,r,n){e.o(t,r)||Object.defineProperty(t,r,{configurable:!1,enumerable:!0,get:n})},e.n=function(t){var r=t&&t.__esModule?function(){return t["default"]}:function(){return t};return e.d(r,"a",r),r},e.o=function(t,e){return Object.prototype.hasOwnProperty.call(t,e)},e.p="",e(e.s="./shared/qevents/main.js")}({"./shared/Class.js":function(t,e){function r(t,e){function r(){if(i||(t.call(c),n(h,e,a),i=!0,e=null),this!==c){var r=this.__init__;r&&r.apply(this,arguments)}}var i,a=s.prototype=t.prototype,h=new s;return r.prototype=h,r.extend=o,h.constructor=r,r}function n(t,e,r){for(var n in e)e.ha

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 333

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (65450)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):225718
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.37949700981415
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:MhwvwI82wVdix0DvzxFkvYnUa3FmBRDYi:MhwvwJVExwr/kdaQbDYi
                                                                                                                                                                                                                                                                                                                                  MD5:D78F803B3665558F63F048E3A8740D4B
                                                                                                                                                                                                                                                                                                                                  SHA1:7036DE2D6CC408242C50EB01F2BA9B4A7271FDC6
                                                                                                                                                                                                                                                                                                                                  SHA-256:16CABC9D4B8AE81EED9193EC25B6D463E68290E5433069885156F7C1DC81E975
                                                                                                                                                                                                                                                                                                                                  SHA-512:F3291A4630D7F4A5A34AF6536E480C3106D34EB32A94B85454AF29E98CE4F66E34C98EF72647B056F78C5D0A049E1EAB0D78E41E25D76B2D5B2922E568673797
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://script.hotjar.com/modules.588629dd3c10b20ab52d.js
                                                                                                                                                                                                                                                                                                                                  Preview:/*! For license information please see modules.588629dd3c10b20ab52d.js.LICENSE.txt */.!function(){var e={4788:function(e,t,n){"use strict";n.d(t,{s:function(){return r}});const r=Object.freeze({IDENTIFY_USER:"identify_user",AUTOTAG_RECORDING:"autotag_recording",TAG_RECORDING:"tag_recording",HEATMAP_HELO:"heatmap_helo",RECORDING_HELO:"recording_helo",REPORT_USER_ID:"report_user_id",MUTATION:"mutation",MOUSE_CLICK:"mouse_click",INPUT_CHOICE_CHANGE:"input_choice_change",KEY_PRESS:"key_press",MOUSE_MOVE:"mouse_move",RELATIVE_MOUSE_MOVE:"relative_mouse_move",CLIPBOARD:"clipboard",PAGE_VISIBILITY:"page_visibility",SCROLL_REACH:"scroll_reach",SCROLL:"scroll",SELECT_CHANGE:"select_change",VIEWPORT_RESIZE:"viewport_resize",SCRIPT_PERFORMANCE:"script_performance",REPORT_CONTENT:"report_content",INSERTED_RULE:"inserted_rule",DELETED_RULE:"deleted_rule"})},6939:function(e,t,n){"use strict";n.d(t,{f:function(){return f},W:function(){return g}});const r=Object.freeze({LIVE:"LIVE",REVIEW_WEBAPP:"REVI

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 334

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (2614), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):2617
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.970472526953817
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:48:F22U1cLU0b+k2mvPqy+XWojZRe1HvBTy7JSr7su74nP7:oHTm+k/vCy+XC1HpTy7Jc4j
                                                                                                                                                                                                                                                                                                                                  MD5:81AE5B21D1531D21E927D41D7E83E63C
                                                                                                                                                                                                                                                                                                                                  SHA1:4153155654A7E2F2C77BB5F483CB4A04FEC279A6
                                                                                                                                                                                                                                                                                                                                  SHA-256:62147DC8ADC902A9953B2AD5182B769C8DDB3A3C966BFC17F1A198687F2260AC
                                                                                                                                                                                                                                                                                                                                  SHA-512:3FE8D3762FA50FAF6BC849F796FB3494FDEEE86306D4C6E934CA7EB46C4B2959EB429628C0663E563EC16470461C52792AFA0B42E528F6B1A0157548F32CB6FF
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.telerik.com/WebResource.axd?d=HtQyXelCu6mzSPcVcvK_BiMPfgaXcXtBpU_p4oPRWdaaTkgqeBOpXuu1TRv9pAGD-FAzjGGeBeqirrj8SJpv3YU7eO6rv9kziBqvktqcdZzC15nZHrag4kg_mMMtSYLloBTL1HIRNuD4Iepyub_zCpOjm9RyH4DXkI1YDpCN_mnfRNsYUjpSNKzgKVak4AN3FQYzZOcP1Z4PmfVVfM_48qg3YrI1&t=638477158040000000
                                                                                                                                                                                                                                                                                                                                  Preview:.InsightInitScript = { _settings: null, _client: null, _createClient: function (t) { InsightInitScript._client = new sfDataIntell.Client({ apiKey: InsightInitScript._settings.apiKey, source: InsightInitScript._settings.applicationName, apiServerUrl: InsightInitScript._settings.apiServerUrl, trackingCookieDomain: InsightInitScript._settings.trackingCookieDomain, maxAgeForTrackingCookieInDays: InsightInitScript._settings.maxAgeForTrackingCookieInDays, slidingExpirationForTrackingCookie: InsightInitScript._settings.slidingExpirationForTrackingCookie, trackYouTubeVideos: InsightInitScript._settings.trackYouTubeVideos, crossDomainTrackingEntries: InsightInitScript._settings.crossDomainTrackingEntries, trackPageVisits: !0, trackVideos: !0, instrument: !0, trackBrowserInformation: !0, trackDocuments: !0, docsHrefTestExpressions: InsightInitScript._settings.docsHrefTestExpressions, enableTracking: t }); var n = InsightInitScript._settings.keepDecTrackingCookieOnTrackingConsentRejection || !1

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 335

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (32607), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):32607
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.305424592144874
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:r21WzQNY6Y6YKYqsRfLL2fgnsBA8405bhvUqHaq6N3MUKIrfIrc+yAieLnIr0+y+:lQsRf+fgwAUh+woEPPMXP5jA/pLwD16y
                                                                                                                                                                                                                                                                                                                                  MD5:11E476A7A22D0B6498EEF90285A87F15
                                                                                                                                                                                                                                                                                                                                  SHA1:A486FB5E8B57A47A08C1B74C3A679A4C7E904368
                                                                                                                                                                                                                                                                                                                                  SHA-256:E13004495B950216A7A189AE1E3269F91D90D31B1F5940F0D56C510F6CA96301
                                                                                                                                                                                                                                                                                                                                  SHA-512:15D88945D2F2C4F4AD767FD516BBCC66116247282A401D1C2098A0A1791211D7C9E0BD1230B1CF5F7E7A0916C62764F4943CBE4714B18EB783A53183A8F60156
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://d6vtbcy3ong79.cloudfront.net/telerik-navigation/3.5.25/css/index.min.css
                                                                                                                                                                                                                                                                                                                                  Preview:.TK-Aside:after,.TK-Drawer:after,.TK-Hat-Aside:after,.TK-container:after,.TK-row:after{clear:both;content:"";display:table}.TK-Nav--Fluid .TK-container{max-width:none}.TK-container{-webkit-box-sizing:border-box;box-sizing:border-box;margin-left:auto;margin-right:auto;max-width:1230px;padding-left:30px;padding-right:30px}@media only screen and (max-width:1229px){.TK-container{padding-left:20px;padding-right:20px}}@media only screen and (max-width:589px){.TK-container{padding-left:20px;padding-right:20px}}.TK-row{-webkit-box-sizing:border-box;box-sizing:border-box;font-size:0;margin-left:-15px;margin-right:-15px}.TK-col-1,.TK-col-10,.TK-col-11,.TK-col-12,.TK-col-13,.TK-col-14,.TK-col-15,.TK-col-16,.TK-col-17,.TK-col-18,.TK-col-19,.TK-col-2,.TK-col-20,.TK-col-21,.TK-col-22,.TK-col-23,.TK-col-24,.TK-col-3,.TK-col-4,.TK-col-5,.TK-col-6,.TK-col-7,.TK-col-8,.TK-col-9{-webkit-box-sizing:border-box;box-sizing:border-box;display:inline-block;font-size:14px;min-height:1px;padding-left:15px;paddin

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 336

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (667), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):667
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.00765779851988
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:2Qb9Radth1mvgfYf5j7OlowvEoAdieE/4A7lEcIetD:2Qb9RytJAcHcoHb/p6cBD
                                                                                                                                                                                                                                                                                                                                  MD5:852912622073373B3811CD4CE08A2D0A
                                                                                                                                                                                                                                                                                                                                  SHA1:649C7C03E26E56A33B08A3C592EDE4D3AE720336
                                                                                                                                                                                                                                                                                                                                  SHA-256:4B8940BEC0467D78E75C7EAAF08B998C9CFBC4297E06490B1BEE1267A4649C04
                                                                                                                                                                                                                                                                                                                                  SHA-512:B7B94FEA330A78C14E75285EF8285DD1DACA09837B37FE74EC2790DACE047D7BAD92E6B75547EB8540F84FA0AB9A0A168EB1ADEDF9D7646418CC1A7B6D5F8B45
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://d585tldpucybw.cloudfront.net/Frontend-Assembly/Web.SitefinityExtensions.EloquaConnector/Scripts/BrowserSessionStorage.min.js?package=PureMvc&v=Q2NzWmRUZmg5UHpIS3RyRDhtYkJmUT09
                                                                                                                                                                                                                                                                                                                                  Preview:(function(){var n="bsc";function i(n){for(var r=n+"=",f=decodeURIComponent(document.cookie),u=f.split(";"),i=0;i<u.length;i++){for(var t=u[i];t.charAt(0)===" ";)t=t.substring(1);if(t.indexOf(r)===0)return t.substring(r.length,t.length)}return null}function t(){var t=i(n);return t||(t=Date.now().toString(),document.cookie=n+"="+t+";path=/;SameSite=Lax;"),t}function r(n){var i=localStorage.getItem(n);if(i){var u=JSON.parse(i),f=t(),r=u[f];return r?r:(localStorage.removeItem(n),null)}return null}function u(n,i){var u=t(),r={};r[u]=i;localStorage.setItem(n,JSON.stringify(r))}var f={read:r,write:u};window.browserSessionStorage||(window.browserSessionStorage=f)})()

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 337

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):35
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.036006945330954
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:YGKad20bAn:YGK+o
                                                                                                                                                                                                                                                                                                                                  MD5:7D18C0226B08F68EC83126F32344634B
                                                                                                                                                                                                                                                                                                                                  SHA1:F7B593CCD626C52A16C8DEAA638F77D722A9BB85
                                                                                                                                                                                                                                                                                                                                  SHA-256:4AF2CD82560041DB5DCCDDC690E3019B57703A96345DC27C796B3AF9BCBED2A2
                                                                                                                                                                                                                                                                                                                                  SHA-512:72C2672467426052694DD2C7FA3F28111BDC16AD14EB3D0BA4EDBAF7E96C0293B1103ACD86D1ED4B4D6492750893D34BC837564EAF5795772223B50548CE5010
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:{"content":{"promoViewModel":null}}

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 338

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):13614
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.21163185311822
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:384:7Iy0clDjbn42OXOw85csXf1NFyNg/OoH6iAHyPtJJAR:7Iy5F/i
                                                                                                                                                                                                                                                                                                                                  MD5:9B1F8DDF85FB0CBFD926FAACB1FC0405
                                                                                                                                                                                                                                                                                                                                  SHA1:ADE7F952C70F07FD3497CD3E8656CA1F28C78633
                                                                                                                                                                                                                                                                                                                                  SHA-256:F4AAA18C55C90588C5E828E56DCC6B2CB0ACF9A4280494C7D1A53FC5E3669112
                                                                                                                                                                                                                                                                                                                                  SHA-512:E4459B7442F642BAB997BCA930530D2353ED53E24CA0F7D7A6ADED68CF6852693EEDFBC4594FEB4D80BBA779F566BA8918D3462C690F70D277D3E2C155C02280
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otFlat.json
                                                                                                                                                                                                                                                                                                                                  Preview:. {. "name": "otFlat",. "html": "PGRpdiBpZD0ib25ldHJ1c3QtYmFubmVyLXNkayIgY2xhc3M9Im90RmxhdCI+PGRpdiByb2xlPSJhbGVydGRpYWxvZyIgYXJpYS1kZXNjcmliZWRieT0ib25ldHJ1c3QtcG9saWN5LXRleHQiPjxkaXYgY2xhc3M9Im90LXNkay1jb250YWluZXIiPjxkaXYgY2xhc3M9Im90LXNkay1yb3ciPjxkaXYgaWQ9Im9uZXRydXN0LWdyb3VwLWNvbnRhaW5lciIgY2xhc3M9Im90LXNkay1laWdodCBvdC1zZGstY29sdW1ucyI+PGRpdiBjbGFzcz0iYmFubmVyX2xvZ28iPjwvZGl2PjxkaXYgaWQ9Im9uZXRydXN0LXBvbGljeSI+PGgyIGlkPSJvbmV0cnVzdC1wb2xpY3ktdGl0bGUiPlRpdGxlPC9oMj48ZGl2IGlkPSJvbmV0cnVzdC1wb2xpY3ktdGV4dCI+dGl0bGU8YSBocmVmPSIjIj5wb2xpY3k8L2E+PC9kaXY+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRhaW5lciI+PGgzIGNsYXNzPSJvdC1kcGQtdGl0bGUiPldlIGNvbGxlY3QgZGF0YSBpbiBvcmRlciB0byBwcm92aWRlOjwvaDM+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRlbnQiPjxwIGNsYXNzPSJvdC1kcGQtZGVzYyI+ZGVzY3JpcHRpb248L3A+PC9kaXY+PC9kaXY+PC9kaXY+PC9kaXY+PGRpdiBpZD0ib25ldHJ1c3QtYnV0dG9uLWdyb3VwLXBhcmVudCIgY2xhc3M9Im90LXNkay10aHJlZSBvdC1zZGstY29sdW1ucyI+PGRpdiBpZD0ib25ldHJ1c3QtYnV0dG9uLWdyb3VwIj48YnV0dG

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 339

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):104424
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.442696525938613
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:Heb5Sn+w2uM3N5AdD3iaxEBTTiyExxqeYtTIlLHtu5aNvbvyLZ6BxeIXeVWyQosK:H2z3cDbHyEq2qaFtcnQeDr
                                                                                                                                                                                                                                                                                                                                  MD5:B523442D6AE391D197CF37166200E62B
                                                                                                                                                                                                                                                                                                                                  SHA1:6FD47DAEDF4995151AA0BB14A2BF3C5729C765A0
                                                                                                                                                                                                                                                                                                                                  SHA-256:F49BD26D89FF4AC08D909A7D1D2C9C2FB95231C3D653BA7B69601BFB8C7B72C5
                                                                                                                                                                                                                                                                                                                                  SHA-512:1613F89DFFD627DBB355D9052BFAD467C7597CF00A7A5248EFCF5595E0EBDE948A656ECC3D41A2FEC8E93294B9DE6AABABE27DE847CA6DA4E3DD706402981397
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://euob.ytwohlcq.telerik.com/sxp/i/940047942047f9f048d2c1e1f6b78492.js
                                                                                                                                                                                                                                                                                                                                  Preview:!function(t){var n={};function r(e){if(n[e])return n[e].exports;var i=n[e]={i:e,l:!1,exports:{}};return t[e].call(i.exports,i,i.exports,r),i.l=!0,i.exports}r.m=t,r.c=n,r.d=function(t,n,e){r.o(t,n)||Object.defineProperty(t,n,{enumerable:!0,get:e})},r.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"_",{value:!0})},r.t=function(t,n){if(1&n&&(t=r(t)),8&n)return t;if(4&n&&"object"==typeof t&&t&&t._)return t;var e=Object.create(null);if(r.r(e),Object.defineProperty(e,"default",{enumerable:!0,value:t}),2&n&&"string"!=typeof t)for(var i in t)r.d(e,i,function(n){return t[n]}.bind(null,i));return e},r.n=function(t){var n=t&&t._?function(){return t.default}:function(){return t};return r.d(n,"a",n),n},r.o=function(t,n){return Object.prototype.hasOwnProperty.call(t,n)},r.p="",r(r.s=5)}([function(t,n,r){var e=r(1),i=window,a=i.document,c=i.location,o=encodeURIComponent,u=decodeURIComponent,f=i.navigat

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 340

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (2343)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):52916
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.51283890397623
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:oHzaMKHBCwsZtisP5XqYofL+qviHOlTjdNoVJDe6VyKaqgYUD0ZTTE8yVfZsk:caMKH125hYiM8O9dNoVJ3N48yVL
                                                                                                                                                                                                                                                                                                                                  MD5:575B5480531DA4D14E7453E2016FE0BC
                                                                                                                                                                                                                                                                                                                                  SHA1:E5C5F3134FE29E60B591C87EA85951F0AEA36EE1
                                                                                                                                                                                                                                                                                                                                  SHA-256:DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
                                                                                                                                                                                                                                                                                                                                  SHA-512:174E48F4FB2A7E7A0BE1E16564F9ED2D0BBCC8B4AF18CB89AD49CF42B1C3894C8F8E29CE673BC5D9BC8552F88D1D47294EE0E216402566A3F446F04ACA24857A
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.google-analytics.com/analytics.js
                                                                                                                                                                                                                                                                                                                                  Preview:(function(){/*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/.var n=this||self,p=function(a,b){a=a.split(".");var c=n;a[0]in c||"undefined"==typeof c.execScript||c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length||void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};function q(){for(var a=r,b={},c=0;c<a.length;++c)b[a[c]]=c;return b}function u(){var a="ABCDEFGHIJKLMNOPQRSTUVWXYZ";a+=a.toLowerCase()+"0123456789-_";return a+"."}var r,v;.function aa(a){function b(k){for(;d<a.length;){var m=a.charAt(d++),l=v[m];if(null!=l)return l;if(!/^[\s\xa0]*$/.test(m))throw Error("Unknown base64 encoding at char: "+m);}return k}r=r||u();v=v||q();for(var c="",d=0;;){var e=b(-1),f=b(0),h=b(64),g=b(64);if(64===g&&-1===e)return c;c+=String.fromCharCode(e<<2|f>>4);64!=h&&(c+=String.fromCharCode(f<<4&240|h>>2),64!=g&&(c+=String.fromCharCode(h<<6&192|g)))}};var w={},y=function(a){w.TAGGING=w.TAGGING||[];w.TAGGING[a]=!0};var ba=Array.isArray,c

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 341

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:MS Windows icon resource - 4 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 16x16, 32 bits/pixel
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):21142
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.720363217360017
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:z/tKZVrFfgcFi1eq3rrwyRKDtVjFe8XyLIfYwHdJc3EKlVnD:TEzrF/i8qXfRKyLNWuD
                                                                                                                                                                                                                                                                                                                                  MD5:12649F4E0C5A37D4A41CBCA768C8E7E0
                                                                                                                                                                                                                                                                                                                                  SHA1:1257DD7949F4AA81C8F791DCEEEDD66E486DC3A0
                                                                                                                                                                                                                                                                                                                                  SHA-256:7B990B226FB3E8970B750DEC91D4E8B9B59B2B7B069D0243D7BF70FEBE8EDE53
                                                                                                                                                                                                                                                                                                                                  SHA-512:A0F96E89664C938ED38B33A127EF56B882F2EF3A60A4E01324602905B054C50A0AB87A725A21E61C3C60B5225E8825CBEAB8C5664C2E59BE168071F1CE1EEED4
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.telerik.com/favicon.ico?v=rebv1
                                                                                                                                                                                                                                                                                                                                  Preview:............ .....F......... .h....... .... .....F...00.... ..%...,...PNG........IHDR.............\r.f..._IDATx..y...O.T..hiji...Q./.T3h;.Z...b..R..A..DEi.5.".BMG..*$HgF3.1C3.iU...zr..'o..y..>...~>..x..>I.....6d.yB.)..x.@....|.~O.i...<K..R...j.....U.R]....4..+W..T.. ...B....o...}U...S..i....y...v.....f6P..F....".@..'......#=|?B..N...H.0..CTg...W.q..`.1.)}~......a....7.... .S..C.^..%.@..>......b...V5Su...>...C.t...x.Tok.G.>.:QuI..%.@..&...M....WMR.....;.A..!@Z.......{.....n.".......H....W.V..lK'.T.F,,..TB0......V..3....X..a..}.!.@o./.V..R......!*.....l.Y.t....wU..6v.......j.X.C".!@\.+v.^......9.8.....:.8.I.[oMoC..:.......C*....n.....r}.......U+;.B.......[..x........g.....s..\.j..A..].....N#r..=6...s.....*..j<Ul2.i.:..A.{...........U.:.R...............#T?.'6.4..0...z.[..D.H3...n.P..#.....n..b.z|..g.....D.R..t.a@Z...n.1.....T_.....!@. .w.pLV.`:.i..TG..A.7...6. ...=V.K.NS.......{U.,.@cCg[Jf...b..0g[..!@...z..d.[/u.....e..mI.:...;.D..

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 342

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (5258)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):5259
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.060180329787528
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:96:D95qbslDCpFqImxwoD9N9JT3c5E/9CQipDwdGOddh:h5TdCpFqImxZ5NvAE/9PipDwEOddh
                                                                                                                                                                                                                                                                                                                                  MD5:FB9F7DAE39619642ED5890E40763EF2E
                                                                                                                                                                                                                                                                                                                                  SHA1:BC50FA89795E534B7E417E834C70CB674A9D30B4
                                                                                                                                                                                                                                                                                                                                  SHA-256:70712C8650FEECC46403B5801B9D5B72D5B2D6BA1D1CF0317E105603982321BF
                                                                                                                                                                                                                                                                                                                                  SHA-512:4E710BEA7BB3C8534D12D485260466B15785C6286CBEBE7BC562B9AD020A6E87A70139385FA6F1338F9048E1787ECF3FA4C48821675153F68D9BDFEA47E926DA
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js
                                                                                                                                                                                                                                                                                                                                  Preview:!function(){"use strict";function e(t){return e="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},e(t)}function t(e){return function(e){if(Array.isArray(e))return r(e)}(e)||function(e){if("undefined"!=typeof Symbol&&null!=e[Symbol.iterator]||null!=e["@@iterator"])return Array.from(e)}(e)||function(e,t){if(e){if("string"==typeof e)return r(e,t);var n=Object.prototype.toString.call(e).slice(8,-1);return"Object"===n&&e.constructor&&(n=e.constructor.name),"Map"===n||"Set"===n?Array.from(e):"Arguments"===n||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)?r(e,t):void 0}}(e)||function(){throw new TypeError("Invalid attempt to spread non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}()}function r(e,t){(null==t||t>e.length)&&(t=e.length);for(var r=0,n=new Array(t);r<t;r++)n[r]=e[r];re

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 343

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (7348), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):7351
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.020040458057364
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:Ix8uzi47xx4UNaRAJCJgJWJ04J7KJGboJFJG/bglt7kD5mcg+8N78+fm0KbeCkhj:4ipUXGIqfiRToglY1gNI+fm9KCklB1
                                                                                                                                                                                                                                                                                                                                  MD5:21F1464D7F87F6B19A753002C187706A
                                                                                                                                                                                                                                                                                                                                  SHA1:7C9380F15A38FC33B5BD5F21FD4E82F3163D9B97
                                                                                                                                                                                                                                                                                                                                  SHA-256:F1C215360C8E09CC98F925710D8D70664022EF9F2A3FBDD657ECB408836F3683
                                                                                                                                                                                                                                                                                                                                  SHA-512:76B2D6D861993C910F3E8C181CB096376BD53805E7A4B026866C87543D76FB046E9E99A41C696CE474219EA35DA473B9F975008236E7F6DCB185F0EF785735B0
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.telerik.com/WebResource.axd?d=wnB2OjhYopty-dCFa4b2kKCIWGgLoaj0QQ4I7F_PiSysmtqnVBUtsGpmlAymZDgXEXdRjhe5BdfNkuyybLSHMhRnbzI9oh6WXC-y-EwOrJPY0qCvfWaOo0ltV4TVm8apzRlzF5O244Y4u7-m5V8Vv2yC1Tun7PurVRoOxfv28sPwY-isOJNAi7MSqc1tycGYAkqZXHU_zlVNorSTBDv4W4jemDM1&t=638477158040000000
                                                                                                                                                                                                                                                                                                                                  Preview:.var personalizationManager = null; window.sfCorrelationId = Date.now().toString(36) + Math.random().toString(36).substring(2), function () { "use strict"; var PersonalizationManager = function () { this.personalizedContainers = [], this.personalizedContent = [], this._personalizedContentLoadedHandlers = [] }; if (PersonalizationManager.prototype = { initialize: function () { var e = this; e.IEVersion = this.detectIE(), this.loadPersonalizableContainers(), this.personalizedContainers.length > 0 && this.loadPersonalizedContent() }, loadPersonalizableContainers: function () { this.personalizedContainers = this.getScriptElementsWithAttribute("data-sf-pers-id") }, loadPersonalizedContent: function () { for (var firstPersonalizedContainer = this.personalizedContainers[0], pageNodeId = firstPersonalizedContainer.getAttribute("data-sf-pers-page-node-id"), pageDataId = firstPersonalizedContainer.getAttribute("data-sf-pers-page-data-id"), pageNodeKey = firstPersonalizedContainer.getAttribute(

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 344

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:HTML document, ASCII text, with very long lines (321), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):323
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.315753207603095
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:6:hax/XXFTUil+KfHWIw7ANRNHU1BwQLhH3Uz4JlU2GoJOYuB96I:hax/XXpj1fFRN0nwehH3A4JlZtPI
                                                                                                                                                                                                                                                                                                                                  MD5:A174CF61C6699EA2E03CE5A2882F8ECC
                                                                                                                                                                                                                                                                                                                                  SHA1:D6CCB2A2A8C8F234A97567FAA50A219D38CFDC48
                                                                                                                                                                                                                                                                                                                                  SHA-256:2E8900BA4A5768754DE4FC21BCDDE72BDCAFA25C6C766A7F3BC44BF6C21FC412
                                                                                                                                                                                                                                                                                                                                  SHA-512:88EE44FF730EAC38F52B063AF0D9F062BF568C997B23287D61B21CD574D12C056BD411CB192F7E0AB17612314B81EEEF4BCD0946AE6C196466E63E5710DA884E
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://dntcl.qualaroo.com/frame.html
                                                                                                                                                                                                                                                                                                                                  Preview:<!DOCTYPE html><html><head><script>function getCookie(e){var o="; "+document.cookie,t=o.split("; "+e+"=");return 2==t.length?t.pop().split(";").shift():void 0}window.parent&&"undefined"!=typeof window.parent.postMessage&&getCookie("DNT")&&window.parent.postMessage("QUALAROO_DNT","*");</script></head><body></body></html>..

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 345

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (4188), with no line terminators
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):4191
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.114302743441512
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:48:xvTmCcxNDbT2g03nkfmTHqsk04CoDAL1iQBq/cS5gsT+iS+VQEM4SSF4grqam1:BKH5MNk04CorzTXLF4aqv
                                                                                                                                                                                                                                                                                                                                  MD5:58340F3121BDBB73645B3E9C55FF5AC2
                                                                                                                                                                                                                                                                                                                                  SHA1:CBC7F40A0251F2ADF86C4049948D2F89ADF749F2
                                                                                                                                                                                                                                                                                                                                  SHA-256:6399AB4770551E8F40E94D5030C29AF730CEC63C52088C032A7AAB25AF070D85
                                                                                                                                                                                                                                                                                                                                  SHA-512:97EAF9D52458D843438C0F3BD3A3D23A4E169F29215A0A32A3E456281F8CFB214358818E1537D8F875CAE18FF79DE4F1E4502CB0276C687D13DFD0C1425BD944
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://www.telerik.com/WebResource.axd?d=NjxTqR2bqTw1rewxxlkHPoKtHrXAWC0HAaoiA_KkRcUyXkV02CSw2viy3BbwqQQWnOeUM4JljOrJ6SdN8P6xkcmc02D5IE0_hoR3ujKOHMUMV0D80Ax-2HQgUBn3JFGVcQMIptO-sbrJg4UhPcfKleFkBd3KXta5g771qRLz1--cqQWHZet4VERXE7zwP_V-_reX4bmQVhWS6yxLXOsj2Tnqll01&t=638477158040000000
                                                                                                                                                                                                                                                                                                                                  Preview:.var PersonalizationTracker = null; !function () { "use strict"; PersonalizationTracker = { _canTrack: !1, _pageId: null, _url: !1, track: function (e) { if (PersonalizationTracker._canTrack = e, PersonalizationTracker._canTrack) { if (!PersonalizationTracker._readCookie("sf-prs-ss")) { var r = 1e4 * Date.now() + 621355968e9; PersonalizationTracker._createCookie("sf-prs-ss", r) } if (!PersonalizationTracker._readCookie("sf-prs-lu")) { var a = window.top || window; PersonalizationTracker._createCookie("sf-prs-lu", a.location.href) } PersonalizationTracker._pageId && PersonalizationTracker.trackPage(PersonalizationTracker._pageId), PersonalizationTracker._url && PersonalizationTracker.trackUrl() } else PersonalizationTracker._createCookie("sf-prs-ss", "", -1), PersonalizationTracker._createCookie("sf-prs-lu", "", -1), PersonalizationTracker._createCookie("sf-prs-vp", "", -1), PersonalizationTracker._createCookie("sf-prs-vu", "", -1) }, trackPage: function (e) { if (this._pageId = e.rep

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 346

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (13479)
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):13620
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.274037253238212
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORw:5rprxaefKI0LP19m4q1WW+h4Mjx
                                                                                                                                                                                                                                                                                                                                  MD5:111591E189E063B051299EEF353DB9BA
                                                                                                                                                                                                                                                                                                                                  SHA1:3459F31CACF4CEDF6818B52AF372155DD7BB9C44
                                                                                                                                                                                                                                                                                                                                  SHA-256:148A74B0921AD78021D716E8032EDE1CDAF7ED7279CEFD7D2ACBE906ADD12A68
                                                                                                                                                                                                                                                                                                                                  SHA-512:2A07DFBA52F79B1ACEB0389C810580D753BAABAA0A796715D3457181F270E1370CF174504FC0DFF44B2B6310DFEEDA55A5F977A9C603F7A069C8FBC0E1DD450D
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.4.1/jquery-migrate.min.js
                                                                                                                                                                                                                                                                                                                                  Preview:/*! jQuery Migrate v3.4.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */."undefined"==typeof jQuery.migrateMute&&(jQuery.migrateMute=!0),function(t){"use strict";"function"==typeof define&&define.amd?define(["jquery"],function(e){return t(e,window)}):"object"==typeof module&&module.exports?module.exports=t(require("jquery"),window):t(jQuery,window)}(function(s,n){"use strict";function e(e){return 0<=function(e,t){for(var r=/^(\d+)\.(\d+)\.(\d+)/,n=r.exec(e)||[],o=r.exec(t)||[],a=1;a<=3;a++){if(+o[a]<+n[a])return 1;if(+n[a]<+o[a])return-1}return 0}(s.fn.jquery,e)}s.migrateVersion="3.4.1";var t=Object.create(null);s.migrateDisablePatches=function(){for(var e=0;e<arguments.length;e++)t[arguments[e]]=!0},s.migrateEnablePatches=function(){for(var e=0;e<arguments.length;e++)delete t[arguments[e]]},s.migrateIsPatchEnabled=function(e){return!t[e]},n.console&&n.console.log&&(s&&e("3.0.0")&&!e("5.0.0")||n.console.log("JQMIGRATE: jQuery 3.x-4.x REQUIRED"),s.migrateWarnings

                                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 347

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                  MD5:99914B932BD37A50B983C5E7C90AE93B
                                                                                                                                                                                                                                                                                                                                  SHA1:BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F
                                                                                                                                                                                                                                                                                                                                  SHA-256:44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
                                                                                                                                                                                                                                                                                                                                  SHA-512:27C74670ADB75075FAD058D5CEAF7B20C4E7786C83BAE8A32F626F9782AF34C9A33C2046EF60FD2A7878D378E29FEC851806BBD9A67878F3A9F1CDA4830763FD
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  URL:https://px.ads.linkedin.com/attribution_trigger?pid=2392561%2C3477010&time=1713915004469&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run
                                                                                                                                                                                                                                                                                                                                  Preview:{}

                                                                                                                                                                                                                                                                                                                                  \Device\ConDrv

                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe
                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                  Size (bytes):923
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.25435749547835
                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:zKcJFyvBFNYB/A4ZIuN0/aPKDLI4MWBFhy/aVDLI4MWBFr/axNDLI4MLoy/acWDx:zKwFyvDOeonNYE4//E4/AJE4LE4VXE4H
                                                                                                                                                                                                                                                                                                                                  MD5:FD0421C76A3073136B980082BC072FF5
                                                                                                                                                                                                                                                                                                                                  SHA1:6A01465AB90758940CB24981B3DB0C657BAF8109
                                                                                                                                                                                                                                                                                                                                  SHA-256:EE1E26160CFFD21922F3745B3892DFCBF74EA0EFC8D4A7DEA78D1B459928D26E
                                                                                                                                                                                                                                                                                                                                  SHA-512:B94EA84F1BB1FF51370461B1EB1B7088FA22526CC99371D9315A24BDFABA7BDD9F305E923ACCD48CD2A0D2E815BA70669BC8316886F8150A98229873DEABD12C
                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                  Preview:Microsoft (R) CLR Native Image Generator - Version 4.8.4320.0..Copyright (c) Microsoft Corporation. All rights reserved...1> Compiling assembly C:\Users\user\AppData\Local\Programs\Fiddler\EnableLoopback.exe (CLR v4.0.30319) .....2> Compiling assembly System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 (CLR v4.0.30319) .....4> Compiling assembly System.Numerics, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 (CLR v4.0.30319) .....3> Compiling assembly System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a (CLR v4.0.30319) .....4> Compiling assembly System.Runtime.Serialization.Formatters.Soap, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a (CLR v4.0.30319) .....1> Compiling assembly System.Deployment, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a (CLR v4.0.30319) .....

                                                                                                                                                                                                                                                                                                                                  Static File Info

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  File type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.99179279983528
                                                                                                                                                                                                                                                                                                                                  TrID:
                                                                                                                                                                                                                                                                                                                                  • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                                                                  • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                                                                  • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                                                                  • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                                                                  File name:SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe
                                                                                                                                                                                                                                                                                                                                  File size:4'632'256 bytes
                                                                                                                                                                                                                                                                                                                                  MD5:78537045a5e032d4ac93514f027c7a47
                                                                                                                                                                                                                                                                                                                                  SHA1:5b6e705b20652c0cf39ee890013b9b8e8ad26b07
                                                                                                                                                                                                                                                                                                                                  SHA256:06812518a722af6f98fbd8c3a5ace0cad1c6d53477972618728e64bafcbc948c
                                                                                                                                                                                                                                                                                                                                  SHA512:8fee84a791ae85175b7d61b54c66fc47abd4e231b7194779d2213f94c388b23e3f8e0408a1f29856b2a0404d824f17858f6b0676f6a1656428424665658c4a47
                                                                                                                                                                                                                                                                                                                                  SSDEEP:98304:pNB6cDqnTgnRkidZ7C0eNGyJW3lE4RrtRmrpIZhGuul38YR7O8sOKduG8xOvC:pNRdnRkgCNGyJ/IJYR7vsOKwGYO
                                                                                                                                                                                                                                                                                                                                  TLSH:0D26338486E8D9A7F9661DB8091BFBB32ED8F9F463B10F2B6F2183421D68745CE1D414
                                                                                                                                                                                                                                                                                                                                  File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1 ..PN..PN..PN.*_...PN..PO.JPN.*_...PN..s~..PN..VH..PN.Rich.PN.........................PE..L...c..d.................f...".....

                                                                                                                                                                                                                                                                                                                                  File Icon

                                                                                                                                                                                                                                                                                                                                  Icon Hash:4d9733535113864d

                                                                                                                                                                                                                                                                                                                                  Static PE Info

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Entrypoint:0x4034fc
                                                                                                                                                                                                                                                                                                                                  Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                                                  Digitally signed:true
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                                  Subsystem:windows gui
                                                                                                                                                                                                                                                                                                                                  Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                                                                  DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                                                  Time Stamp:0x64A0DC63 [Sun Jul 2 02:09:39 2023 UTC]
                                                                                                                                                                                                                                                                                                                                  TLS Callbacks:
                                                                                                                                                                                                                                                                                                                                  CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                                                  OS Version Major:4
                                                                                                                                                                                                                                                                                                                                  OS Version Minor:0
                                                                                                                                                                                                                                                                                                                                  File Version Major:4
                                                                                                                                                                                                                                                                                                                                  File Version Minor:0
                                                                                                                                                                                                                                                                                                                                  Subsystem Version Major:4
                                                                                                                                                                                                                                                                                                                                  Subsystem Version Minor:0
                                                                                                                                                                                                                                                                                                                                  Import Hash:f4639a0b3116c2cfc71144b88a929cfd

                                                                                                                                                                                                                                                                                                                                  Authenticode Signature

                                                                                                                                                                                                                                                                                                                                  Signature Valid:true
                                                                                                                                                                                                                                                                                                                                  Signature Issuer:CN=GlobalSign GCC R45 EV CodeSigning CA 2020, O=GlobalSign nv-sa, C=BE
                                                                                                                                                                                                                                                                                                                                  Signature Validation Error:The operation completed successfully
                                                                                                                                                                                                                                                                                                                                  Error Number:0
                                                                                                                                                                                                                                                                                                                                  Not Before, Not After
                                                                                                                                                                                                                                                                                                                                  • 27/10/2023 16:45:04 27/10/2024 15:45:04
                                                                                                                                                                                                                                                                                                                                  Subject Chain
                                                                                                                                                                                                                                                                                                                                  • CN=Progress Software Corporation, O=Progress Software Corporation, STREET=15 Wayside Rd Ste 4, L=Burlington, S=Massachusetts, C=US, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, SERIALNUMBER=5743582, OID.2.5.4.15=Private Organization
                                                                                                                                                                                                                                                                                                                                  Version:3
                                                                                                                                                                                                                                                                                                                                  Thumbprint MD5:B13AE4988A452224CAF6151CCBDBDD94
                                                                                                                                                                                                                                                                                                                                  Thumbprint SHA-1:AB38282E84C27CAEDC42E9F4912CD031D8375880
                                                                                                                                                                                                                                                                                                                                  Thumbprint SHA-256:345FC38D2C7E97B1D475862DF3CF23826BA0C9F3C9664D8B9C1E04546CBE0C72
                                                                                                                                                                                                                                                                                                                                  Serial:09557E45BDC7AD80365E527F

                                                                                                                                                                                                                                                                                                                                  Entrypoint Preview

                                                                                                                                                                                                                                                                                                                                  Instruction
                                                                                                                                                                                                                                                                                                                                  sub esp, 000003F8h
                                                                                                                                                                                                                                                                                                                                  push ebp
                                                                                                                                                                                                                                                                                                                                  push esi
                                                                                                                                                                                                                                                                                                                                  push edi
                                                                                                                                                                                                                                                                                                                                  push 00000020h
                                                                                                                                                                                                                                                                                                                                  pop edi
                                                                                                                                                                                                                                                                                                                                  xor ebp, ebp
                                                                                                                                                                                                                                                                                                                                  push 00008001h
                                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+20h], ebp
                                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+18h], 0040A2D8h
                                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+14h], ebp
                                                                                                                                                                                                                                                                                                                                  call dword ptr [004080A4h]
                                                                                                                                                                                                                                                                                                                                  mov esi, dword ptr [004080A8h]
                                                                                                                                                                                                                                                                                                                                  lea eax, dword ptr [esp+34h]
                                                                                                                                                                                                                                                                                                                                  push eax
                                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+4Ch], ebp
                                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+0000014Ch], ebp
                                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+00000150h], ebp
                                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+38h], 0000011Ch
                                                                                                                                                                                                                                                                                                                                  call esi
                                                                                                                                                                                                                                                                                                                                  test eax, eax
                                                                                                                                                                                                                                                                                                                                  jne 00007F859568EFDAh
                                                                                                                                                                                                                                                                                                                                  lea eax, dword ptr [esp+34h]
                                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+34h], 00000114h
                                                                                                                                                                                                                                                                                                                                  push eax
                                                                                                                                                                                                                                                                                                                                  call esi
                                                                                                                                                                                                                                                                                                                                  mov ax, word ptr [esp+48h]
                                                                                                                                                                                                                                                                                                                                  mov ecx, dword ptr [esp+62h]
                                                                                                                                                                                                                                                                                                                                  sub ax, 00000053h
                                                                                                                                                                                                                                                                                                                                  add ecx, FFFFFFD0h
                                                                                                                                                                                                                                                                                                                                  neg ax
                                                                                                                                                                                                                                                                                                                                  sbb eax, eax
                                                                                                                                                                                                                                                                                                                                  mov byte ptr [esp+0000014Eh], 00000004h
                                                                                                                                                                                                                                                                                                                                  not eax
                                                                                                                                                                                                                                                                                                                                  and eax, ecx
                                                                                                                                                                                                                                                                                                                                  mov word ptr [esp+00000148h], ax
                                                                                                                                                                                                                                                                                                                                  cmp dword ptr [esp+38h], 0Ah
                                                                                                                                                                                                                                                                                                                                  jnc 00007F859568EFA8h
                                                                                                                                                                                                                                                                                                                                  and word ptr [esp+42h], 0000h
                                                                                                                                                                                                                                                                                                                                  mov eax, dword ptr [esp+40h]
                                                                                                                                                                                                                                                                                                                                  movzx ecx, byte ptr [esp+3Ch]
                                                                                                                                                                                                                                                                                                                                  mov dword ptr [00429AD8h], eax
                                                                                                                                                                                                                                                                                                                                  xor eax, eax
                                                                                                                                                                                                                                                                                                                                  mov ah, byte ptr [esp+38h]
                                                                                                                                                                                                                                                                                                                                  movzx eax, ax
                                                                                                                                                                                                                                                                                                                                  or eax, ecx
                                                                                                                                                                                                                                                                                                                                  xor ecx, ecx
                                                                                                                                                                                                                                                                                                                                  mov ch, byte ptr [esp+00000148h]
                                                                                                                                                                                                                                                                                                                                  movzx ecx, cx
                                                                                                                                                                                                                                                                                                                                  shl eax, 10h
                                                                                                                                                                                                                                                                                                                                  or eax, ecx
                                                                                                                                                                                                                                                                                                                                  movzx ecx, byte ptr [esp+0000004Eh]

                                                                                                                                                                                                                                                                                                                                  Rich Headers

                                                                                                                                                                                                                                                                                                                                  Programming Language:
                                                                                                                                                                                                                                                                                                                                  • [EXP] VC++ 6.0 SP5 build 8804

                                                                                                                                                                                                                                                                                                                                  Data Directories

                                                                                                                                                                                                                                                                                                                                  NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_IMPORT0x84fc0xa0.rdata
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_RESOURCE0x3b0000x5628.rsrc
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_SECURITY0x468b700x2350
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_IAT0x80000x2a8.rdata
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                                                                  Sections

                                                                                                                                                                                                                                                                                                                                  NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                                                  .text0x10000x65560x6600dd25e171f2e0fe45f2800cc9e162537dFalse0.6652113970588235data6.456753840355455IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                  .rdata0x80000x13580x1400f0b500ff912dda10f31f36da3efc8a1eFalse0.44296875data5.102094016108248IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                  .data0xa0000x1fb380x6002bc02714ee74ba781d92e94eeaccb080False0.501953125data4.040639308682379IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                                  .ndata0x2a0000x110000x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                                  .rsrc0x3b0000x56280x580056e1422ae16d649424ec2f9edebe1cc0False0.16654829545454544data3.360288828761554IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                                                                  Resources

                                                                                                                                                                                                                                                                                                                                  NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                                                                  RT_ICON0x3b2980x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9600EnglishUnited States0.08827800829875519
                                                                                                                                                                                                                                                                                                                                  RT_ICON0x3d8400x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4224EnglishUnited States0.13109756097560976
                                                                                                                                                                                                                                                                                                                                  RT_ICON0x3e8e80x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1024, 256 important colorsEnglishUnited States0.194043321299639
                                                                                                                                                                                                                                                                                                                                  RT_ICON0x3f1900x568Device independent bitmap graphic, 16 x 32 x 8, image size 256, 256 important colorsEnglishUnited States0.28395953757225434
                                                                                                                                                                                                                                                                                                                                  RT_ICON0x3f6f80x468Device independent bitmap graphic, 16 x 32 x 32, image size 1088EnglishUnited States0.1622340425531915
                                                                                                                                                                                                                                                                                                                                  RT_DIALOG0x3fb600x100dataEnglishUnited States0.5234375
                                                                                                                                                                                                                                                                                                                                  RT_DIALOG0x3fc600x11cdataEnglishUnited States0.6056338028169014
                                                                                                                                                                                                                                                                                                                                  RT_DIALOG0x3fd800x60dataEnglishUnited States0.7291666666666666
                                                                                                                                                                                                                                                                                                                                  RT_GROUP_ICON0x3fde00x4cdataEnglishUnited States0.7631578947368421
                                                                                                                                                                                                                                                                                                                                  RT_VERSION0x3fe300x3c8dataEnglishUnited States0.4225206611570248
                                                                                                                                                                                                                                                                                                                                  RT_MANIFEST0x401f80x42aXML 1.0 document, ASCII text, with very long lines (1066), with no line terminatorsEnglishUnited States0.5140712945590994

                                                                                                                                                                                                                                                                                                                                  Imports

                                                                                                                                                                                                                                                                                                                                  DLLImport
                                                                                                                                                                                                                                                                                                                                  ADVAPI32.dllRegEnumValueW, RegEnumKeyW, RegQueryValueExW, RegSetValueExW, RegCloseKey, RegDeleteValueW, RegDeleteKeyW, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, RegOpenKeyExW, RegCreateKeyExW
                                                                                                                                                                                                                                                                                                                                  SHELL32.dllSHGetPathFromIDListW, SHBrowseForFolderW, SHGetFileInfoW, SHFileOperationW, ShellExecuteExW
                                                                                                                                                                                                                                                                                                                                  ole32.dllCoCreateInstance, OleUninitialize, OleInitialize, IIDFromString, CoTaskMemFree
                                                                                                                                                                                                                                                                                                                                  COMCTL32.dllImageList_Destroy, ImageList_AddMasked, ImageList_Create
                                                                                                                                                                                                                                                                                                                                  USER32.dllMessageBoxIndirectW, GetDlgItemTextW, SetDlgItemTextW, CreatePopupMenu, AppendMenuW, TrackPopupMenu, OpenClipboard, EmptyClipboard, SetClipboardData, CloseClipboard, IsWindowVisible, CallWindowProcW, GetMessagePos, CheckDlgButton, LoadCursorW, SetCursor, GetSysColor, SetWindowPos, GetWindowLongW, IsWindowEnabled, SetClassLongW, GetSystemMenu, EnableMenuItem, GetWindowRect, ScreenToClient, EndDialog, RegisterClassW, SystemParametersInfoW, CharPrevW, GetClassInfoW, DialogBoxParamW, CharNextW, ExitWindowsEx, DestroyWindow, CreateDialogParamW, SetTimer, SetWindowTextW, PostQuitMessage, SetForegroundWindow, ShowWindow, wsprintfW, SendMessageTimeoutW, FindWindowExW, IsWindow, GetDlgItem, SetWindowLongW, LoadImageW, GetDC, ReleaseDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, GetClientRect, FillRect, DrawTextW, EndPaint, CharNextA, wsprintfA, DispatchMessageW, CreateWindowExW, PeekMessageW, GetSystemMetrics
                                                                                                                                                                                                                                                                                                                                  GDI32.dllGetDeviceCaps, SetBkColor, SelectObject, DeleteObject, CreateBrushIndirect, CreateFontIndirectW, SetBkMode, SetTextColor
                                                                                                                                                                                                                                                                                                                                  KERNEL32.dlllstrcmpiA, CreateFileW, GetTempFileNameW, RemoveDirectoryW, CreateProcessW, CreateDirectoryW, GetLastError, CreateThread, GlobalLock, GlobalUnlock, GetDiskFreeSpaceW, WideCharToMultiByte, lstrcpynW, lstrlenW, SetErrorMode, GetVersionExW, GetCommandLineW, GetTempPathW, GetWindowsDirectoryW, WriteFile, CopyFileW, ExitProcess, GetCurrentProcess, GetModuleFileNameW, GetFileSize, GetTickCount, Sleep, SetFileAttributesW, GetFileAttributesW, SetCurrentDirectoryW, MoveFileW, GetFullPathNameW, GetShortPathNameW, SearchPathW, CompareFileTime, SetFileTime, CloseHandle, lstrcmpiW, lstrcmpW, ExpandEnvironmentStringsW, GlobalFree, GlobalAlloc, GetModuleHandleW, LoadLibraryExW, FreeLibrary, WritePrivateProfileStringW, GetPrivateProfileStringW, lstrlenA, MultiByteToWideChar, ReadFile, SetFilePointer, FindClose, FindNextFileW, FindFirstFileW, DeleteFileW, MulDiv, lstrcpyA, MoveFileExW, lstrcatW, GetSystemDirectoryW, GetProcAddress, GetModuleHandleA, GetExitCodeProcess, WaitForSingleObject, SetEnvironmentVariableW

                                                                                                                                                                                                                                                                                                                                  Possible Origin

                                                                                                                                                                                                                                                                                                                                  Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                                                                                                                  EnglishUnited States

                                                                                                                                                                                                                                                                                                                                  Network Behavior

                                                                                                                                                                                                                                                                                                                                  Network Port Distribution

                                                                                                                                                                                                                                                                                                                                  TCP Packets

                                                                                                                                                                                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:05.494307995 CEST49671443192.168.2.7204.79.197.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:06.775544882 CEST49675443192.168.2.7104.98.116.138
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:06.775546074 CEST49674443192.168.2.7104.98.116.138
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:06.916212082 CEST49672443192.168.2.7104.98.116.138
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:09.510827065 CEST49677443192.168.2.720.50.201.200
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:09.884892941 CEST49677443192.168.2.720.50.201.200
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:10.306926966 CEST49671443192.168.2.7204.79.197.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:10.634905100 CEST49677443192.168.2.720.50.201.200
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:12.134912014 CEST49677443192.168.2.720.50.201.200
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:15.120440960 CEST49677443192.168.2.720.50.201.200
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:16.384953976 CEST49675443192.168.2.7104.98.116.138
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:16.384974003 CEST49674443192.168.2.7104.98.116.138
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:16.525547028 CEST49672443192.168.2.7104.98.116.138
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:17.901705980 CEST44349703104.98.116.138192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:17.901809931 CEST49703443192.168.2.7104.98.116.138
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:19.909562111 CEST49671443192.168.2.7204.79.197.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:21.072458029 CEST49677443192.168.2.720.50.201.200
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.612297058 CEST4970680192.168.2.750.56.19.116
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.612847090 CEST4970780192.168.2.750.56.19.116
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.821866035 CEST804970650.56.19.116192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.821974039 CEST4970680192.168.2.750.56.19.116
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.822928905 CEST804970750.56.19.116192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.823100090 CEST4970780192.168.2.750.56.19.116
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.823184967 CEST4970680192.168.2.750.56.19.116
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.031348944 CEST804970650.56.19.116192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.033346891 CEST804970650.56.19.116192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.103943110 CEST4970680192.168.2.750.56.19.116
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.311244965 CEST4971080192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.344896078 CEST4971180192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.519895077 CEST804971050.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.519994974 CEST4971080192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.546684027 CEST4971080192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.553205967 CEST804971150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.553277969 CEST4971180192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.755194902 CEST804971050.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.755250931 CEST804971050.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.799745083 CEST4971080192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.670028925 CEST49712443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.670113087 CEST44349712142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.670191050 CEST49712443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.670917034 CEST49712443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.670948982 CEST44349712142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.028867960 CEST44349712142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.105629921 CEST49712443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.568717957 CEST49712443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.568788052 CEST44349712142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.570522070 CEST44349712142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.570539951 CEST44349712142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.570590973 CEST49712443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.706538916 CEST49712443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.744174957 CEST49712443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.744370937 CEST44349712142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.813839912 CEST49712443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.813873053 CEST44349712142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.918158054 CEST49712443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.927962065 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.928019047 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.928148985 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.928411961 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.928432941 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:28.563747883 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:28.693865061 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:28.812041044 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:28.812062025 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:28.815891981 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:28.815937042 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:28.815975904 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:28.865537882 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:28.865885973 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:28.865921021 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:28.912123919 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.000107050 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.000123024 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.080115080 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.080132961 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.080151081 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.080158949 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.080166101 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.080205917 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.080233097 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.080285072 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.288570881 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.288578033 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.288605928 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.288625956 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.288630009 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.288690090 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.288707018 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.289247036 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.289262056 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.289274931 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.289284945 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.289294004 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.289305925 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.289323092 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.289351940 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497380972 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497421026 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497440100 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497458935 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497488976 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497509956 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497522116 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497533083 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497545958 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497569084 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497584105 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497648001 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497715950 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497798920 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497844934 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.497885942 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.498034954 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.498080015 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.972953081 CEST49713443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.972980976 CEST4434971350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.978094101 CEST49716443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.978135109 CEST4434971650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.978198051 CEST49716443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.983522892 CEST49717443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.983556986 CEST4434971750.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.983620882 CEST49717443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.989265919 CEST49716443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.989281893 CEST4434971650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.991214991 CEST49717443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.991228104 CEST4434971750.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.992142916 CEST49718443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.992194891 CEST4434971850.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.992264032 CEST49718443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.005393982 CEST49719443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.005429029 CEST4434971950.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.005486965 CEST49719443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.006212950 CEST49718443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.006251097 CEST4434971850.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.007374048 CEST49719443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.007390022 CEST4434971950.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.152051926 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.152090073 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.152195930 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.152280092 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.152293921 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.152338028 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.152549982 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.152560949 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.152725935 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.152734041 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.158289909 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.158314943 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.158390045 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.158591032 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.158606052 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.172161102 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.172203064 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.172314882 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.172344923 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.172348022 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.172447920 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.172616005 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.172645092 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.172746897 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.172789097 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.172811031 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.172883034 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.172893047 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.172913074 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.172946930 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.173021078 CEST49728443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.173028946 CEST4434972813.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.173074961 CEST49728443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.173144102 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.173155069 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.173235893 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.173383951 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.173398018 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.173588037 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.173600912 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.173770905 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.173789978 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.173866034 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.173878908 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.174036026 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.174057007 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.174165010 CEST49728443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.174177885 CEST4434972813.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.174371004 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.174384117 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.189800024 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.189871073 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.189939976 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.189966917 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.189975023 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.190016031 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.190268040 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.190291882 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.190372944 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.190618992 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.190649986 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.190785885 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.190804005 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.191062927 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.191078901 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.407721043 CEST4434971650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.410554886 CEST4434971750.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.427138090 CEST4434971850.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.427593946 CEST4434971950.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.467614889 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.469834089 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.476813078 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.486840010 CEST49718443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.486993074 CEST49719443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.513246059 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.513514996 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.515916109 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.516269922 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.516772032 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.517093897 CEST49716443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.517112017 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.517116070 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.517121077 CEST49717443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.517121077 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.517911911 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.518794060 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.520226955 CEST4434972813.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.522089958 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.523654938 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.594065905 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.594068050 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.594073057 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.594075918 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.594080925 CEST49728443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.594229937 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.594242096 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.724126101 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.724155903 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.724215984 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.724271059 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.728132010 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.728221893 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.657455921 CEST49716443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.657486916 CEST4434971650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.657778025 CEST49717443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.657797098 CEST4434971750.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.657948017 CEST49718443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.657969952 CEST4434971850.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.658061981 CEST49719443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.658096075 CEST4434971950.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.658165932 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.658169031 CEST4434971650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.658200026 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.658238888 CEST4434971750.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.658514977 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.658531904 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.658839941 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.658850908 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.658982992 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.659009933 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.659099102 CEST4434971850.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.659116983 CEST4434971850.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.659133911 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.659152031 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.659185886 CEST49718443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.659279108 CEST4434971950.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.659296989 CEST4434971950.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.659333944 CEST49719443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.659409046 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.659425974 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.659781933 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.659840107 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.659996033 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660007954 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660124063 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660137892 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660180092 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660180092 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660231113 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660232067 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660243988 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660283089 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660339117 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660346031 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660388947 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660623074 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660640955 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660675049 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660836935 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.660851002 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.661744118 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.661757946 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.661808014 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.662336111 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.662673950 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.663528919 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.663542986 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.663578033 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.663734913 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.663749933 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.663989067 CEST49728443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.664005995 CEST4434972813.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.665148973 CEST4434972813.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.665164948 CEST4434972813.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.665241957 CEST49728443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.665252924 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.665359020 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.672998905 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.673011065 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.673172951 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.673197031 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.674335003 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.674350977 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.674407005 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.674634933 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.674647093 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.674691916 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.682569981 CEST49716443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.682720900 CEST4434971650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.682852983 CEST49717443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.682965040 CEST4434971750.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.683130026 CEST49718443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.683233976 CEST4434971850.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.683377981 CEST49719443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.683499098 CEST4434971950.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.684454918 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.684597015 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.701272964 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.701384068 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.720151901 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.720309973 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.732851982 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.733000994 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.743285894 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.743477106 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.758214951 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.758388996 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.765625000 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.765876055 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.766767025 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.766931057 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.773509979 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.773694992 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.774651051 CEST49728443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.774801016 CEST4434972813.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.776635885 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.776829958 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.777020931 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.777107954 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.777170897 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.777313948 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.780730009 CEST49716443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.781088114 CEST49717443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.781199932 CEST49718443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.781223059 CEST4434971850.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.781441927 CEST49719443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.781467915 CEST4434971950.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.781507969 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.781523943 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.781706095 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.781725883 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782063007 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782082081 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782166958 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782188892 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782265902 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782288074 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782339096 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782356024 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782430887 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782448053 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782536030 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782556057 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782727003 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782738924 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782891035 CEST49728443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.782908916 CEST4434972813.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.783067942 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.783082962 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.783236027 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.783253908 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.783302069 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.783310890 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.824117899 CEST4434971750.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.824131012 CEST4434971650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.900074005 CEST49718443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.900085926 CEST49719443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.900096893 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.900110006 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.900110006 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.900119066 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.900139093 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.900141001 CEST49728443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.900221109 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.915191889 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.915199995 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.915218115 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.915220976 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.915282011 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.915527105 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.946523905 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.947653055 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.952898026 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.952958107 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.953000069 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.953042984 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.953051090 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.953067064 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.953095913 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.953155041 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.953191042 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.953200102 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.953208923 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.953275919 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.953664064 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.953730106 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.953787088 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.953793049 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.954511881 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.954564095 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.954565048 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.954581976 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.954628944 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.954646111 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.955631971 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.955698013 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.955703974 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.955737114 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.955780029 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.969006062 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.969021082 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.969037056 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.969046116 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.969050884 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.969062090 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.969074011 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.969095945 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.969121933 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.969157934 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.969609976 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.969948053 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.969985008 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.969995975 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.970010996 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.970022917 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.970033884 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.970037937 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.970053911 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.970072031 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.970077038 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.970098972 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.970475912 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.971189022 CEST4434972813.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.971465111 CEST4434972813.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.971673012 CEST49728443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.976661921 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.976830959 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.986053944 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.986067057 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.986099005 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.986100912 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.986124992 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.986140013 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.986280918 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.986393929 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992311954 CEST4434971650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992315054 CEST4434971850.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992342949 CEST4434971850.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992348909 CEST4434971650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992350101 CEST4434971850.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992400885 CEST4434971850.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992404938 CEST4434971650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992425919 CEST49718443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992436886 CEST4434971850.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992460012 CEST49716443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992463112 CEST49718443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992475033 CEST4434971650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992476940 CEST4434971850.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992513895 CEST49718443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992624044 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992635965 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992640018 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992649078 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992655993 CEST49716443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992659092 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992665052 CEST4434971750.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992670059 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992676973 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992680073 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992683887 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992687941 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992687941 CEST4434971750.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992688894 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992690086 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992712975 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992721081 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992722988 CEST4434971650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992733002 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992763996 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992769957 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992777109 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992780924 CEST49717443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992796898 CEST4434971750.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992820024 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992845058 CEST4434971950.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992856026 CEST4434971650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992870092 CEST4434971950.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992871046 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992876053 CEST4434971750.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992891073 CEST49716443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992914915 CEST49719443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992928982 CEST4434971950.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992944002 CEST49717443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992961884 CEST49719443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.992970943 CEST4434971950.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.993037939 CEST4434971950.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.993067980 CEST49719443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.993088961 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.993103027 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.993120909 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.993133068 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.993136883 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.993148088 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.993163109 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.993169069 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.993185043 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.993194103 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.993216038 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.995644093 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.995657921 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.995673895 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.995682001 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.995698929 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.995707989 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.995753050 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.995800972 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.996756077 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.996768951 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.996778965 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.996803045 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.996807098 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.996813059 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.996824980 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.996846914 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.996866941 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.996910095 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.997529030 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.997628927 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.997632980 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.997669935 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.999366999 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.999377966 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.999392986 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.999401093 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.999408007 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.999459982 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.999469995 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.999547005 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.999566078 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:32.999567032 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.004898071 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.013006926 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.013019085 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.013055086 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.013082981 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.013097048 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.013115883 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.013124943 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.013264894 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019396067 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019406080 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019422054 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019434929 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019435883 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019444942 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019445896 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019458055 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019465923 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019465923 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019479990 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019498110 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019571066 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019579887 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019594908 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.019598007 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.023910046 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.023973942 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.023986101 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.024025917 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026294947 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026308060 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026371002 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026397943 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026417017 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026426077 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026442051 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026442051 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026449919 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026456118 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026459932 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026463032 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026474953 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026504993 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026530027 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026530027 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.026531935 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.027904034 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.027924061 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.027945995 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.027954102 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.027962923 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.027972937 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.027987957 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028014898 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028022051 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028043985 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028206110 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028253078 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028259993 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028274059 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028312922 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028635979 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028659105 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028669119 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028686047 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028696060 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028704882 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028711081 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028729916 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028757095 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.028776884 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.030801058 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.032918930 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.054676056 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.054719925 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.054735899 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.054761887 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.054761887 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.054788113 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.054817915 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.054821014 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.054858923 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.054862022 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.054878950 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.055047989 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.055094957 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.055422068 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.055444956 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.055453062 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.055478096 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.055486917 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.055490017 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.055506945 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.055533886 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.055538893 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.055574894 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.090575933 CEST49677443192.168.2.720.50.201.200
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.091329098 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.091376066 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.091408968 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.091430902 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.091440916 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.091468096 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.091483116 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.091502905 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.091531038 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.091538906 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.091547012 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.091578007 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.091829062 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.091887951 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.092178106 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.092185974 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.092777014 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.092809916 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.092830896 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.092835903 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.092874050 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.092880011 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.093590021 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.093621969 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.093652010 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.093671083 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.093677044 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.093713999 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.094369888 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.094425917 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.094455004 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.095390081 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.095419884 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.095449924 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.095453978 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.095463037 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.095494986 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.095500946 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.095539093 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.096169949 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.096234083 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.096266985 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.096290112 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.096296072 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.096333981 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.096939087 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.097021103 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.097101927 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.097107887 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.097891092 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.097920895 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.097949028 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.097959995 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.097965002 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.097995996 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.098710060 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.098757029 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.098759890 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.098764896 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.098799944 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.098805904 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.099877119 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.099925995 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.099931955 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.120424032 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.120465994 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.120515108 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.120520115 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.120553017 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.120562077 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.120575905 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.120579958 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.120620012 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.120908976 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.120949030 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121001005 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121021986 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121159077 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121228933 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121267080 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121275902 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121359110 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121397972 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121406078 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121448040 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121457100 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121484041 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121494055 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121500969 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121516943 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121526957 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121532917 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121542931 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121556044 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121762037 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121787071 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121840954 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121874094 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121912003 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121921062 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.121983051 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.122454882 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.122615099 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.122863054 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.147156000 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.147190094 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.147231102 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.147238970 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.147274017 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.148221016 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.148231983 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.148252964 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.148286104 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.148293972 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.148336887 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.159460068 CEST49726443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.159482956 CEST4434972613.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.159790993 CEST49725443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.159818888 CEST4434972513.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.160773039 CEST49727443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.160792112 CEST4434972713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.161674023 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.161735058 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.176189899 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.176213026 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.176246881 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.176259995 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.176287889 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.176959038 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.176996946 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.177026987 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.177064896 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.177069902 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.177109957 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.177124023 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.177129984 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.177186012 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.190572023 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.190597057 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.190629959 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.190637112 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.190681934 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.195339918 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.195386887 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.198455095 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.198486090 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.198519945 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.198529959 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.198565006 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.198581934 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.202676058 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.202739000 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.202781916 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.208030939 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.208064079 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.208110094 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.208144903 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.208168030 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.208178043 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.215182066 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.237014055 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.237044096 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.237109900 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.237180948 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.237215996 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.237238884 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.244788885 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.244832039 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.244952917 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.244982004 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.245024920 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.245142937 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.245167017 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.245204926 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.245982885 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.246037006 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.246048927 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.246117115 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.248203039 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.248214006 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.248266935 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.248373032 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.248382092 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.248425961 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.248604059 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.248665094 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.248816013 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.248859882 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.248868942 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.248905897 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.248914003 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.248982906 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.249025106 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.263977051 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.264015913 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.264091015 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.264132977 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.264158964 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.264183044 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.272186995 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.272217035 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.272294044 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.272336960 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.272372961 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.272442102 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.275605917 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.275662899 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.296315908 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.296348095 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.296407938 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.296416998 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.296478033 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.303401947 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.303472996 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.320431948 CEST49728443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.320460081 CEST4434972813.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.321307898 CEST49716443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.321347952 CEST4434971650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.322880983 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.322925091 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.322957993 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.322963953 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.323012114 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.324542999 CEST49717443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.324611902 CEST4434971750.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.325092077 CEST49723443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.325109005 CEST4434972313.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.325452089 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.325736046 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.325818062 CEST49722443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.325836897 CEST44349722104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.337007999 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.337034941 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.337126017 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.337193966 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.337264061 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.337264061 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.340244055 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.340322018 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.340327978 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.340398073 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.355678082 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.355804920 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.355870008 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.355870008 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.355892897 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.355953932 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.357800961 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.357825994 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.357943058 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.357943058 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.357992887 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.358047009 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.365262032 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.365323067 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.371517897 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.371618986 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.379767895 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.379791975 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.379857063 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.379889965 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.379930973 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.380419016 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.380486012 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.386219978 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.386286020 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.389091015 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.389168024 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.397089005 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.397151947 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.397171974 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.397192001 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.397207022 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.397233963 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.402318001 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.402376890 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.402404070 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.402410984 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.402430058 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.402502060 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.415218115 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.415277004 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.415316105 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.415352106 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.415379047 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.415400982 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.416799068 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.416847944 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.416899920 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.416904926 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.416929007 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.416954994 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.430918932 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.430977106 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.431003094 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.431037903 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.431046009 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.431085110 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.432698965 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.432758093 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.432779074 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.432785034 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.432818890 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.432842970 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.444427967 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.444498062 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.444521904 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.444526911 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.444586992 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.446260929 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.446316004 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.446348906 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.446368933 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.446382046 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.446400881 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.452811003 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.452898979 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.452908993 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.452929020 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.452965021 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.453012943 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.460495949 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.460546970 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.460573912 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.460591078 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.460612059 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.460637093 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.469132900 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.469176054 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.469245911 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.469274044 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.469321012 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.484765053 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.484828949 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.484898090 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.484918118 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.484965086 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.496467113 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.496522903 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.496567965 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.496586084 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.496608973 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.496629000 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.507034063 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.507087946 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.507117987 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.507133961 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.507153988 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.507169962 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.516551018 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.516603947 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.516633034 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.516645908 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.516674995 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.516695023 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.522572994 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.522635937 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.522654057 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.522680044 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.522691965 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.522728920 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.608387947 CEST49724443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.608411074 CEST4434972413.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.609586954 CEST49718443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.609628916 CEST4434971850.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.610625029 CEST49719443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.610657930 CEST4434971950.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.612135887 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.612775087 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.815859079 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.816108942 CEST49729443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.816142082 CEST4434972913.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.817188978 CEST49731443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.817223072 CEST4434973152.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.987926006 CEST49720443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.988023996 CEST44349720104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.989758968 CEST49732443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.989788055 CEST4434973252.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.990262985 CEST49721443192.168.2.7104.17.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:33.990350008 CEST44349721104.17.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.008311987 CEST49730443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.008353949 CEST4434973052.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.390948057 CEST49734443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.391000986 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.391052961 CEST49734443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.391799927 CEST49735443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.391815901 CEST4434973550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.392131090 CEST49735443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.392643929 CEST49736443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.392678976 CEST44349736152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.393057108 CEST49736443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.393775940 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.393821001 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.393898010 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.394766092 CEST49734443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.394785881 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.395301104 CEST49735443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.395314932 CEST4434973550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.395935059 CEST49736443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.395950079 CEST44349736152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.396140099 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.396179914 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.544529915 CEST49738443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.544589043 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.544723988 CEST49738443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.545382977 CEST49738443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.545417070 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.587415934 CEST49739443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.587538958 CEST49740443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.587541103 CEST44349739108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.587580919 CEST44349740108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.587661982 CEST49739443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.587775946 CEST49740443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.590090990 CEST49740443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.590110064 CEST44349740108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.590243101 CEST49739443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.590275049 CEST44349739108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.705229998 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.812488079 CEST49734443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.812517881 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.813957930 CEST4434973550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.816409111 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.816456079 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.816893101 CEST49734443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.866592884 CEST49735443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.866609097 CEST4434973550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.867055893 CEST49734443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.867196083 CEST4434973550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.867219925 CEST49734443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.867357016 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.867742062 CEST49735443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.867825031 CEST4434973550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.868351936 CEST49735443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.871860981 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.883950949 CEST44349736152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.883986950 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.912125111 CEST4434973550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.941946030 CEST44349739108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.942712069 CEST44349740108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.019337893 CEST49738443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.019340992 CEST49739443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.019494057 CEST49740443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.088123083 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.088129044 CEST44349736152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.088155031 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.088203907 CEST49736443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.088222980 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.088238955 CEST49734443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.091209888 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.091341019 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.091429949 CEST49734443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.091444016 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.091538906 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.091619015 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.091661930 CEST49734443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.091670036 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.091727972 CEST49734443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.091734886 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.091811895 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.091880083 CEST49734443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.096131086 CEST49738443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.096169949 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.096277952 CEST49736443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.096292019 CEST44349736152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.096391916 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.096404076 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.096937895 CEST49739443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.096986055 CEST44349739108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.097089052 CEST49740443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.097100973 CEST44349740108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.097631931 CEST44349736152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.097642899 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.097695112 CEST49736443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.097718000 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.098165989 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.098187923 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.098205090 CEST44349739108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.098222971 CEST44349739108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.098236084 CEST49738443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.098294020 CEST49739443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.099530935 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.099606991 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.099987984 CEST44349740108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.099999905 CEST44349740108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.100121975 CEST49740443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.100294113 CEST49738443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.100563049 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.102123976 CEST49736443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.102216959 CEST44349736152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.102827072 CEST49739443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.102902889 CEST49740443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.102912903 CEST44349739108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.103034019 CEST44349740108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.103142977 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.103166103 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.103452921 CEST49738443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.103467941 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.103781939 CEST49739443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.103792906 CEST44349739108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.103859901 CEST49740443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.103874922 CEST44349740108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.198163033 CEST49736443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.198190928 CEST44349736152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.198225975 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.213521957 CEST49738443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.213591099 CEST49739443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.213609934 CEST49740443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264059067 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264436007 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264445066 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264458895 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264467001 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264473915 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264494896 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264527082 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264548063 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264554024 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264574051 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264890909 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264930010 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264954090 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264961958 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264969110 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.264978886 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.265000105 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.265021086 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.274781942 CEST4434973550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.274873972 CEST4434973550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.275156975 CEST49735443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.278234959 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.278276920 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.278292894 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.278350115 CEST49738443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.278382063 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.278395891 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.278413057 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.278422117 CEST49738443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.278450966 CEST49738443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.278460026 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.278465986 CEST49738443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.278501034 CEST49738443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.286575079 CEST44349739108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.286663055 CEST44349739108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.286717892 CEST49739443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.287050962 CEST44349740108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.287153959 CEST44349740108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.287297010 CEST49740443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.385653019 CEST49736443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.423782110 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.423809052 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.423849106 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.423867941 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.423887968 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.423922062 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.423923016 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.423953056 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:35.423979044 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.018932104 CEST49734443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.018954039 CEST44349734104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.133714914 CEST49735443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.133759022 CEST4434973550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.134263039 CEST49739443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.134294987 CEST44349739108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.135001898 CEST49740443192.168.2.7108.139.9.18
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.135024071 CEST44349740108.139.9.18192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.170056105 CEST49737443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.170089960 CEST44349737152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.170847893 CEST49738443192.168.2.752.85.205.195
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.170936108 CEST4434973852.85.205.195192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.173343897 CEST49741443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.173388004 CEST4434974150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.173444033 CEST49741443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.196170092 CEST49741443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.196199894 CEST4434974150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.324192047 CEST49742443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.324229956 CEST44349742104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.324318886 CEST49742443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.324753046 CEST49742443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.324769020 CEST44349742104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.616832018 CEST4434974150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.642366886 CEST44349742104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.713351011 CEST49741443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.713363886 CEST49742443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.034006119 CEST44349712142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.034081936 CEST44349712142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.034145117 CEST49712443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.536273956 CEST49741443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.536309004 CEST4434974150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.536863089 CEST4434974150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.537038088 CEST49742443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.537074089 CEST44349742104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.537527084 CEST49741443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.537606001 CEST4434974150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.538322926 CEST44349742104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.538342953 CEST44349742104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.538409948 CEST49742443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.539216042 CEST49741443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.542514086 CEST49742443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.542589903 CEST44349742104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.548408985 CEST49742443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.548422098 CEST44349742104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.584115982 CEST4434974150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.618664980 CEST49742443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.721601963 CEST44349742104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.721669912 CEST44349742104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:37.721734047 CEST49742443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.046299934 CEST4434974150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.046380997 CEST4434974150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.046427965 CEST49741443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.061489105 CEST49742443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.061517000 CEST44349742104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.083859921 CEST49712443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.083889961 CEST44349712142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.084276915 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.084317923 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.084383965 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.085530043 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.085545063 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.086168051 CEST49741443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.086186886 CEST4434974150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.111902952 CEST49745443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.111943960 CEST4434974550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.112034082 CEST49745443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.112478018 CEST49745443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.112488985 CEST4434974550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.397418976 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.424727917 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.424741983 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.425282955 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.457664013 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.457819939 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.458429098 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.500116110 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.530529022 CEST4434974550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.530960083 CEST49745443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.530972004 CEST4434974550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.531337023 CEST4434974550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.532002926 CEST49745443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.532072067 CEST4434974550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.532175064 CEST49745443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.576117039 CEST4434974550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.757792950 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.757832050 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.757896900 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.757910967 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.757980108 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.758012056 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.758024931 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.758032084 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.758071899 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.758116007 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.758244991 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.758275032 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.758285999 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.758291960 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.758330107 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.759001970 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.759057045 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.759088993 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.759095907 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.759102106 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.759146929 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.759856939 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.759923935 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.759953976 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.759962082 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.759968042 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.760431051 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.760812998 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.760845900 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.760890961 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.760898113 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.761688948 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.761719942 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.761733055 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.761740923 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.761781931 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.761787891 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.762484074 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.762514114 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.762523890 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.762530088 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.762574911 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.762582064 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.763314962 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.763355017 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.763360977 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.764184952 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.764230967 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.764240026 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.764441013 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.764480114 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.764494896 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.764960051 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.764991045 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.765003920 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.765010118 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.765047073 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.765090942 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.765814066 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.765866041 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.765872955 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.766942978 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.766999960 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.767008066 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.890394926 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.911284924 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.911297083 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.911333084 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.911976099 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.911984921 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.912028074 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.912045956 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.912079096 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.912121058 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.912128925 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.912166119 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.913115025 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.913124084 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.913167000 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.914067030 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.914073944 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.914117098 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.914902925 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.914911032 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.914957047 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.915304899 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.915353060 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.915585995 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.915632010 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.916649103 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.916695118 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.917382956 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.917432070 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.917625904 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.917670012 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.918287992 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.918335915 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.919426918 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.919482946 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.920063972 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.920114994 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.962254047 CEST4434974550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.962280035 CEST4434974550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.962316990 CEST49745443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.962327003 CEST4434974550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.962410927 CEST4434974550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.962445974 CEST49745443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.965328932 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:38.965384960 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.064244032 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.064304113 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.064443111 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.064486027 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.064493895 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.065329075 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.065367937 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.065373898 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.065422058 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.065593958 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.065632105 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.066209078 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.066251993 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.067229033 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.067277908 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.067836046 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.067881107 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.068546057 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.068586111 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.069396973 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.069422960 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.069434881 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.069441080 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.069463968 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.070482016 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.070521116 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.070525885 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.070559978 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.071208000 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.071254969 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.071962118 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.072000027 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.072784901 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.072829962 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.073065996 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.073102951 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.073954105 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.073998928 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.074765921 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.074805975 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.075647116 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.075689077 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.075702906 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.075741053 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.076524019 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.076564074 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.077364922 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.077404976 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.078346014 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.078387976 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.081203938 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.081212044 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.081235886 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.081259966 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.081267118 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.081315041 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.083617926 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.083633900 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.083679914 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.083687067 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.083736897 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.086237907 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.086253881 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.086306095 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.086312056 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.089370012 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.089387894 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.089418888 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.089423895 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.089466095 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.092025042 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.092081070 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.092117071 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.092171907 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.094603062 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.094619036 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.094660997 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.094666958 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.118402958 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.118419886 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.118463993 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.118470907 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.118520975 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.217713118 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.217736006 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.217775106 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.217788935 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.217827082 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.223155975 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.223187923 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.223223925 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.223231077 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.223268986 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.223530054 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.223556042 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.223609924 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.223617077 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.223637104 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.230088949 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.230153084 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.230173111 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.230189085 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.230218887 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.233390093 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.233433962 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.233480930 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.233486891 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.233531952 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.235726118 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.235778093 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.235800982 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.235807896 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.235857964 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.238354921 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.238396883 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.238425970 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.238432884 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.238478899 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.238486052 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.238528013 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.238533020 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.238652945 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.239301920 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.245790005 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.426033974 CEST49745443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.426059008 CEST4434974550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.429773092 CEST49748443192.168.2.718.65.25.57
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.429795980 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.432785988 CEST49748443192.168.2.718.65.25.57
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.435374975 CEST49748443192.168.2.718.65.25.57
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.435384989 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.508286953 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.508313894 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.508390903 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.509027004 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.509042025 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.763617039 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.842170000 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.918157101 CEST49748443192.168.2.718.65.25.57
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.918168068 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.918521881 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.918529034 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.919374943 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.919394016 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.919491053 CEST49748443192.168.2.718.65.25.57
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.922426939 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.922467947 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.922518969 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.924349070 CEST49748443192.168.2.718.65.25.57
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.924482107 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.926218033 CEST49748443192.168.2.718.65.25.57
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.926224947 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.926331043 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.926517963 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.926522017 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.926539898 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.937158108 CEST49744443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.937182903 CEST44349744104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.961564064 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.961592913 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.961683989 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.963064909 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.963087082 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.991517067 CEST49748443192.168.2.718.65.25.57
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.991517067 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.991553068 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.199462891 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.225346088 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.238461018 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247441053 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247451067 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247486115 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247508049 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247535944 CEST49748443192.168.2.718.65.25.57
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247561932 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247601986 CEST49748443192.168.2.718.65.25.57
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247601986 CEST49748443192.168.2.718.65.25.57
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247864008 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247894049 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247925043 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247941971 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247944117 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247963905 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247984886 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247984886 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.247992039 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.248008966 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.248020887 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.248044968 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.249767065 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.249835014 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.249914885 CEST49748443192.168.2.718.65.25.57
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.273827076 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.274725914 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.274751902 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.274784088 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.274794102 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.274821997 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.274851084 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.274854898 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.274868965 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.274874926 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.274900913 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.274918079 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.274924040 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.274924040 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.274943113 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.391578913 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.391581059 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.398264885 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.398283005 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.398303986 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.398313046 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.398329973 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.398333073 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.398350954 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.398380995 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.398413897 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.429759979 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.429800987 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.429819107 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.429863930 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.429868937 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.429898977 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.429913044 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.429919958 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.429933071 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.429949045 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.429951906 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.429996014 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.459827900 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.459849119 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.459872007 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.459887028 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.459897041 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.459929943 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.459933996 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.459970951 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.485090971 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.485124111 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.485157013 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.485179901 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.485204935 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.485224962 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.544840097 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.544969082 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.545021057 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.545021057 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:44.915539980 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:44.916989088 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:44.917026997 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:44.917627096 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:44.949410915 CEST49751443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:44.949449062 CEST44349751104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:44.949523926 CEST49751443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:44.992506981 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.285307884 CEST49753443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.285358906 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.285593033 CEST49753443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.428709030 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.428925991 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.429761887 CEST49751443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.429785013 CEST44349751104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.485872030 CEST49753443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.485896111 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.486309052 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.532165051 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.659985065 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.660027027 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.660136938 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.660167933 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.660207987 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.660254955 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.660263062 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.660394907 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.660423994 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.660434008 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.660442114 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.660476923 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.660957098 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.661122084 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.661170006 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.661176920 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.661678076 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.661725998 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.661731005 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.661745071 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.661784887 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.662363052 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.662610054 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.662656069 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.662662983 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.663506031 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.663538933 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.663546085 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.663553953 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.663590908 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.663597107 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.664164066 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.664212942 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.664222956 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.664386988 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.664429903 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.664437056 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.664968014 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.665015936 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.665021896 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.665035009 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.665075064 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.665085077 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.665853024 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.665900946 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.665908098 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.665946960 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.665986061 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.665992022 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.666707039 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.666739941 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.666758060 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.666764975 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.666806936 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.667515993 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.667602062 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.667651892 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.667658091 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.668473959 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.668545961 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.668553114 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.669117928 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.669173002 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.669179916 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.747973919 CEST44349751104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.803570032 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.813174009 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.813218117 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.813312054 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.813344002 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.813359022 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.813890934 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.813941002 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.813956022 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.813997030 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.814018965 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.814026117 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.814063072 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.814702034 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.814708948 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.814755917 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.815545082 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.815551043 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.815594912 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.816411018 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.816418886 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.816467047 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.817039967 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.817047119 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.817095041 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.817878008 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.817886114 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.817951918 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.818581104 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.818639994 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.819442987 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.819505930 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.819519043 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.819622040 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.820410013 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.820471048 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.821366072 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.821417093 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.822073936 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.822129011 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.822129011 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.822140932 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.822170019 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.886291981 CEST49753443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.917723894 CEST49751443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.965786934 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.965825081 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.965915918 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.965946913 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.965962887 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.965977907 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.966200113 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.966252089 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.967012882 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.967068911 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.967833996 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.967891932 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.968689919 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.968749046 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.969312906 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.969364882 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.970169067 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.970257998 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.971012115 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.971048117 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.971062899 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.971071005 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.971096992 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.971117020 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.971873999 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.971925974 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.972754955 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.972812891 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.973619938 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.973681927 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.973683119 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.973694086 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.973721027 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.973737001 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.974683046 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.974739075 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.975574017 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.975630999 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.976389885 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.976448059 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.976461887 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.976510048 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.977262974 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.977319956 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.978185892 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.978214979 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.978240967 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.978247881 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.978282928 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.978291988 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.978327036 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:45.978365898 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.050345898 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.067580938 CEST49751443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.067622900 CEST44349751104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.068885088 CEST44349751104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.068902016 CEST44349751104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.069051981 CEST49751443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.090662956 CEST49753443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.090687990 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.094656944 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.094696045 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.094949007 CEST49753443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.101569891 CEST49751443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.101747990 CEST44349751104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.140393972 CEST49753443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.140613079 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.197252989 CEST49753443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.197273016 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.212682009 CEST49751443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.212707996 CEST44349751104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.300185919 CEST49753443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.376218081 CEST49751443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.428121090 CEST44349751104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.544141054 CEST44349751104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.544274092 CEST44349751104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:47.544364929 CEST49751443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.606429100 CEST49748443192.168.2.718.65.25.57
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.606456995 CEST4434974818.65.25.57192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.606970072 CEST49751443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.607002974 CEST44349751104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.706701040 CEST49749443192.168.2.718.154.206.13
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.706722021 CEST4434974918.154.206.13192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.718162060 CEST49753443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.764107943 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.812396049 CEST49750443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.812422037 CEST44349750104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.855143070 CEST49757443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.855191946 CEST4434975723.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.855282068 CEST49757443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.857100010 CEST49757443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.857111931 CEST4434975723.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.891460896 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.891587019 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.891632080 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.891690969 CEST49753443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.891700983 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.891836882 CEST49753443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.891841888 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.891902924 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.891999960 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.892004013 CEST49753443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.892060041 CEST49753443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.892309904 CEST49758443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.892338037 CEST44349758142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.892369032 CEST49759443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.892394066 CEST44349759142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.892438889 CEST49759443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.892483950 CEST49758443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.892822027 CEST49759443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.892828941 CEST44349759142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.893721104 CEST49758443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.893738031 CEST44349758142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.925404072 CEST49760443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.925513029 CEST44349760192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.925592899 CEST49760443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.925870895 CEST49760443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.925910950 CEST44349760192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.939529896 CEST49761443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.939570904 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.939635992 CEST49761443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.939841986 CEST49761443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.939852953 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.940327883 CEST49762443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.940359116 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.940407038 CEST49762443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.940689087 CEST49762443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.940695047 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.950509071 CEST49753443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.950521946 CEST44349753104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.958204031 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.958234072 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.958302975 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.958534956 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.958549976 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.140861034 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.140907049 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.140983105 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.142371893 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.142383099 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.206826925 CEST4434975723.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.206888914 CEST49757443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.211642027 CEST49757443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.211651087 CEST4434975723.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.211936951 CEST4434975723.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.253168106 CEST44349758142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.255568027 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.257493019 CEST44349759142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.258615971 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.272902966 CEST49757443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.273119926 CEST49758443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.273129940 CEST44349758142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.273241997 CEST49762443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.273263931 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.273359060 CEST49759443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.273371935 CEST44349759142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.273480892 CEST49761443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.273507118 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.273911953 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.274142981 CEST44349758142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.274202108 CEST49758443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.274780035 CEST44349759142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.274831057 CEST49759443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.275569916 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.280880928 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.283879042 CEST49761443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.283977032 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.288228989 CEST49758443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.288321972 CEST44349758142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.288700104 CEST49762443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.288786888 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.288862944 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.288876057 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.289501905 CEST49759443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.289602041 CEST44349759142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.289824963 CEST49761443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.289868116 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.289916992 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.290014029 CEST49762443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.290074110 CEST49759443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.290085077 CEST44349759142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.290239096 CEST49758443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.290247917 CEST44349758142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.290913105 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.290960073 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.291197062 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.291203976 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.297363997 CEST49765443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.297389984 CEST4434976574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.297465086 CEST49765443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.297640085 CEST49765443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.297652006 CEST4434976574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.320111036 CEST4434975723.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.332112074 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.336108923 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.374409914 CEST44349760192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.375108004 CEST49760443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.375123978 CEST44349760192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.376431942 CEST44349760192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.376508951 CEST49760443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.378532887 CEST49760443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.378597021 CEST44349760192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.378707886 CEST49760443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.378715992 CEST44349760192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.416235924 CEST49759443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.416251898 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.416475058 CEST49758443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.541780949 CEST4434975723.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.541893005 CEST4434975723.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.541949034 CEST49757443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.584121943 CEST44349760192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.584167957 CEST49760443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.604753971 CEST44349758142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.604861021 CEST44349758142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.604906082 CEST49758443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.608690977 CEST44349759142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.608906984 CEST44349759142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.608961105 CEST49759443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.616075993 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.616478920 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.616508961 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.616523981 CEST49762443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.616554022 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.616596937 CEST49762443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.616605043 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.616684914 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.616708040 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.616719961 CEST49762443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.616724968 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.616764069 CEST49762443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.617377996 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.617424965 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.617459059 CEST49762443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.617469072 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.617484093 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.617516041 CEST49762443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618108034 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618132114 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618141890 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618160963 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618170023 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618175030 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618181944 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618206024 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618218899 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618228912 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618243933 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618249893 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618279934 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618314028 CEST49762443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618320942 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618380070 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.618416071 CEST49762443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.621854067 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.622045040 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.622077942 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.622087955 CEST49761443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.622097969 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.622139931 CEST49761443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.622148991 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.622692108 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.622760057 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.622776031 CEST49761443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.622786045 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.622823954 CEST49761443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.622920036 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.623013973 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.623034000 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.623054981 CEST49761443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.623063087 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.623100042 CEST49761443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.623106956 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.623123884 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.623171091 CEST49761443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.644773960 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.644783974 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.644804955 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.644834042 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.644835949 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.644850969 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.644884109 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.644898891 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.658319950 CEST4434976574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.700054884 CEST49765443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.754183054 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.754245996 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.761816978 CEST49765443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.761841059 CEST4434976574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.763796091 CEST49758443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.763809919 CEST44349758142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.764090061 CEST49759443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.764111042 CEST44349759142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.765427113 CEST4434976574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.765500069 CEST49765443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.774146080 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.774167061 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.774218082 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.774228096 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.774270058 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.774286985 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.805270910 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.805288076 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.805339098 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.805349112 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.805386066 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.805399895 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.812988043 CEST44349760192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.813066959 CEST44349760192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.813122034 CEST49760443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.834302902 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.834330082 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.834378004 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.834388018 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.834424973 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.834441900 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.922117949 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.922136068 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.922193050 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.922213078 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.922241926 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.922255993 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.945770979 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.945789099 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.945857048 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.945873976 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.945916891 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.967483044 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.967500925 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.967539072 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.967551947 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.967580080 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.967595100 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.990950108 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.990967035 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.991029978 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.991040945 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.991080999 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.015702963 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.015727043 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.015794039 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.015810013 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.015856981 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.035901070 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.035919905 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.035969019 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.035979986 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.036015034 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.036029100 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.054836035 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.054857016 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.054902077 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.054915905 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.054964066 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.083509922 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.083535910 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.083578110 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.083587885 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.083621025 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.083636999 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.095930099 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.095971107 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.095993996 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.096012115 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.096024990 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.096046925 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.096070051 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.359601021 CEST49765443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.359827042 CEST4434976574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.359904051 CEST49765443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.360591888 CEST49760443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.360627890 CEST44349760192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.376831055 CEST49757443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.376852036 CEST4434975723.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.404120922 CEST4434976574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.437235117 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.437253952 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.437598944 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.521758080 CEST49766443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.521796942 CEST44349766192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.521940947 CEST49766443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.538865089 CEST49766443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.538886070 CEST44349766192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.548280954 CEST4434976574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.549649954 CEST49765443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.587568998 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.736499071 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.800894022 CEST49762443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.800940990 CEST44349762104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.812230110 CEST49761443192.168.2.7104.19.178.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.812256098 CEST44349761104.19.178.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.909405947 CEST49765443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.909426928 CEST4434976574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.919475079 CEST49763443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.919507027 CEST4434976313.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.936798096 CEST49767443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.936820984 CEST4434976713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.936892986 CEST49767443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.937258959 CEST49767443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.937269926 CEST4434976713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.982052088 CEST44349766192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.028119087 CEST49766443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.028134108 CEST44349766192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.028489113 CEST44349766192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.028498888 CEST49769443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.028562069 CEST44349769142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.028620958 CEST49769443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.028733015 CEST49770443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.028768063 CEST44349770142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.028821945 CEST49770443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.028932095 CEST49771443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.028974056 CEST44349771142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.029019117 CEST49771443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.029439926 CEST49769443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.029448986 CEST44349769142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.029799938 CEST49766443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.029858112 CEST44349766192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.029858112 CEST49770443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.029869080 CEST44349770142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.030004978 CEST49771443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.030013084 CEST44349771142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.030216932 CEST49766443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.070559025 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.070589066 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.071182966 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.071436882 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.071449995 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.072120905 CEST44349766192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.109679937 CEST49773443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.109704018 CEST443497733.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.109795094 CEST49773443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.110039949 CEST49773443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.110050917 CEST443497733.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.262300014 CEST4434976713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.266704082 CEST49774443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.266752005 CEST4434977452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.266810894 CEST49774443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.267025948 CEST49767443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.267044067 CEST4434976713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.267404079 CEST49775443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.267514944 CEST4434977552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.267594099 CEST49775443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.267648935 CEST49774443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.267661095 CEST4434977452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.267822981 CEST49775443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.267878056 CEST4434977552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.267946959 CEST4434976713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.277918100 CEST49767443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.278126001 CEST49767443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.278191090 CEST4434976713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.301186085 CEST49776443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.301218033 CEST4434977623.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.301290989 CEST49776443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.301558971 CEST49776443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.301573038 CEST4434977623.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.385899067 CEST44349770142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.386173964 CEST49767443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.387283087 CEST44349771142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.389929056 CEST44349769142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.409034967 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.479799032 CEST44349766192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.480025053 CEST44349766192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.480122089 CEST49766443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.489783049 CEST49771443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.489801884 CEST44349771142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.489984989 CEST49770443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.490037918 CEST44349770142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.490077972 CEST49769443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.490106106 CEST44349769142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.490390062 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.490407944 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.491137981 CEST44349771142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.491149902 CEST44349771142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.491230965 CEST49771443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.491353035 CEST44349769142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.491368055 CEST44349769142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.491413116 CEST49769443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.493824005 CEST44349770142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.493861914 CEST44349770142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.493899107 CEST49770443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.494560003 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.494599104 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.494637966 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.513041973 CEST49771443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.513175964 CEST44349771142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.515619993 CEST49769443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.515707970 CEST44349769142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.517117977 CEST49766443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.517138958 CEST44349766192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.519952059 CEST49770443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.520267010 CEST44349770142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.536901951 CEST49771443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.536910057 CEST44349771142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.552650928 CEST49769443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.552704096 CEST44349769142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.553543091 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.553677082 CEST49770443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.553710938 CEST44349770142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.553838968 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.553905010 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.585249901 CEST4434976713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.585314035 CEST4434976713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.585366964 CEST49767443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.585386992 CEST4434976713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.585478067 CEST4434976713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.585525036 CEST49767443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.600116968 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.604145050 CEST49771443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.604177952 CEST49770443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.604259968 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.604270935 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.628317118 CEST49767443192.168.2.713.226.251.88
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.628346920 CEST4434976713.226.251.88192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.658869982 CEST4434977623.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.659015894 CEST49776443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.685323954 CEST49769443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.713351011 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.743004084 CEST44349770142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.743225098 CEST44349770142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.743292093 CEST49770443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.750941038 CEST44349769142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.751034021 CEST44349769142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.751084089 CEST49769443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.755547047 CEST44349771142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.755625963 CEST44349771142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.755702019 CEST49771443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.792562962 CEST49776443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.792589903 CEST4434977623.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.792958975 CEST4434977623.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.794198990 CEST49776443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.800662041 CEST49770443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.800724030 CEST44349770142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.801589966 CEST49769443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.801630020 CEST44349769142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.802359104 CEST49771443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.802373886 CEST44349771142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.805109978 CEST49777443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.805138111 CEST44349777142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.805191994 CEST49777443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.805849075 CEST49778443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.805881023 CEST44349778192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.805929899 CEST49778443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.806185007 CEST49777443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.806197882 CEST44349777142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.806780100 CEST49778443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.806798935 CEST44349778192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.836160898 CEST4434977623.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.908560991 CEST4434977452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.909243107 CEST4434977552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.990994930 CEST49774443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.991002083 CEST49775443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.994878054 CEST4434977623.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.994962931 CEST4434977623.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.995675087 CEST49776443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.007688046 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.016679049 CEST443497733.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.074846029 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.074878931 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.074907064 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.074923992 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.074934006 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.074958086 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.075021029 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.075054884 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.075064898 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.075092077 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.115583897 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.149954081 CEST49774443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.149979115 CEST4434977452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.154156923 CEST4434977452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.154187918 CEST4434977452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.154233932 CEST49774443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.167484999 CEST44349777142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.175852060 CEST49775443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.175909042 CEST4434977552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.176124096 CEST49773443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.176145077 CEST443497733.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.176577091 CEST49780443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.176642895 CEST44349780142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.176707029 CEST49780443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.176866055 CEST49781443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.176898003 CEST44349781142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.176943064 CEST49781443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.177927017 CEST49774443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.178221941 CEST49777443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.178230047 CEST44349777142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.178549051 CEST49780443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.178592920 CEST44349780142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.178709984 CEST49781443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.178719997 CEST44349781142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.178936005 CEST4434977452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.178998947 CEST49774443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.179006100 CEST4434977452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.179261923 CEST4434977552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.179292917 CEST4434977552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.179336071 CEST49775443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.180295944 CEST443497733.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.180318117 CEST443497733.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.180365086 CEST49773443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.180501938 CEST44349777142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.208046913 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.208069086 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.208086014 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.208112001 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.208122015 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.208132029 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.208168983 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.208168983 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.208221912 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.208249092 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.208271027 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.219247103 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.242115021 CEST49775443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.242377043 CEST4434977552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.242889881 CEST49777443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.243042946 CEST44349777142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.243839979 CEST49773443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.244131088 CEST49777443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.244230032 CEST443497733.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.244710922 CEST49773443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.244728088 CEST443497733.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.244743109 CEST49773443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.244760990 CEST443497733.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.258292913 CEST44349778192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.286703110 CEST49776443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.286703110 CEST49776443192.168.2.723.1.102.27
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.286731958 CEST4434977623.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.286744118 CEST4434977623.1.102.27192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.288127899 CEST44349777142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.289169073 CEST49778443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.289182901 CEST44349778192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.290110111 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.290124893 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.290153980 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.290169001 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.290179968 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.290189028 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.290195942 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.290225983 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.290232897 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.290278912 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.290517092 CEST44349778192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.336688042 CEST49778443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.337075949 CEST44349778192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.341088057 CEST49778443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.343512058 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.343523979 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.343539953 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.343553066 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.343596935 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.343617916 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.343645096 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.384128094 CEST44349778192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.385634899 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.385644913 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.385683060 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.385695934 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.385704041 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.385716915 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.385734081 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.385801077 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.385833979 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.391638041 CEST4434977452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.391736031 CEST49774443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.398886919 CEST49775443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.398920059 CEST4434977552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.398962975 CEST49773443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.420897007 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.420913935 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.420943022 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.420959949 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.420968056 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.420985937 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.421000957 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.421032906 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.421066046 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.456397057 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.456422091 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.456444979 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.456454039 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.456461906 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.456478119 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.456516981 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.456556082 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.456587076 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.471246004 CEST49774443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.471287012 CEST4434977452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.473639011 CEST49775443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.473695040 CEST49775443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.473757982 CEST4434977552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.507209063 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.507224083 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.507256031 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.507266998 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.507273912 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.507301092 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.507314920 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.507375002 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.507407904 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.525182009 CEST44349777142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.525358915 CEST44349777142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.525432110 CEST49777443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.528722048 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.528755903 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.528785944 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.528806925 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.528808117 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.528846979 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.528853893 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.528867006 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.528894901 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.528901100 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.528914928 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.534209013 CEST44349781142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.539773941 CEST44349780142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.542305946 CEST49777443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.542315006 CEST44349777142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.543369055 CEST49781443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.543379068 CEST44349781142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.543843031 CEST49780443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.543863058 CEST44349780142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.544507027 CEST44349781142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.544581890 CEST49781443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.547199965 CEST44349780142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.547287941 CEST49780443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.547859907 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.551259995 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.551275015 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.551311016 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.551320076 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.551345110 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.551369905 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.551395893 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.551400900 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.551446915 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.558237076 CEST443497733.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.558383942 CEST443497733.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.558460951 CEST49773443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.558480978 CEST443497733.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.558532953 CEST49773443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.558573961 CEST443497733.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.558725119 CEST443497733.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.558778048 CEST49773443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.587877035 CEST49781443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.587985992 CEST44349781142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.588821888 CEST49780443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.589037895 CEST44349780142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.592117071 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.592750072 CEST49781443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.592763901 CEST44349781142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.592801094 CEST49773443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.592825890 CEST443497733.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.699542999 CEST44349778192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.699824095 CEST44349778192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.699882984 CEST49778443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.721987009 CEST49778443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.722011089 CEST44349778192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.735687017 CEST49780443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.735732079 CEST44349780142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.735788107 CEST49781443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.897938013 CEST44349781142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.898049116 CEST44349781142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.898099899 CEST49781443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.898614883 CEST4434977552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.898673058 CEST49775443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.898705006 CEST4434977552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.898719072 CEST4434977552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.898766994 CEST49775443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.899097919 CEST49772443192.168.2.7143.244.50.82
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.899116039 CEST44349772143.244.50.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.900677919 CEST49780443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.903021097 CEST49783443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.903045893 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.903107882 CEST49783443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.907217979 CEST49783443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.907232046 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.907676935 CEST49781443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.907691956 CEST44349781142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.908077002 CEST49775443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.908087015 CEST4434977552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.946722984 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.946787119 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.946806908 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.946825027 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.946863890 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.946885109 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.946892023 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.946892023 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.946913004 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.946914911 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.946927071 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.947001934 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.947069883 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.947089911 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.947141886 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.947141886 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.947153091 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.947242975 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.947313070 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.954773903 CEST49784443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.954813957 CEST443497843.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.954881907 CEST49784443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.955097914 CEST49784443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.955113888 CEST443497843.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.264271975 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.305372000 CEST49783443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.305385113 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.305808067 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.309520960 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.309616089 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.309695005 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.315083027 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.315103054 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.315154076 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.315458059 CEST49783443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.315566063 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.316394091 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.316451073 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.317329884 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.317342043 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.317742109 CEST49783443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.364131927 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.631294012 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.631337881 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.631367922 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.631375074 CEST49783443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.631398916 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.631436110 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.631442070 CEST49783443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.631454945 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.631500959 CEST49783443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.631508112 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.631537914 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.631586075 CEST49783443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.644867897 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.645493031 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.718852997 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.791555882 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.848436117 CEST443497843.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.004029036 CEST49784443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.044929981 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.044971943 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.045525074 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.045542955 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.046262026 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.046272039 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.046314955 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.046905994 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.046922922 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.046986103 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.072072983 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.072103024 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.072114944 CEST49764443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.072128057 CEST4434976452.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.078923941 CEST49793443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.078967094 CEST443497933.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.079035044 CEST49793443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.081945896 CEST49794443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.081969023 CEST443497943.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.082026958 CEST49794443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.082262039 CEST49784443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.082284927 CEST443497843.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.082762957 CEST443497843.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.083592892 CEST49793443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.083606958 CEST443497933.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.084536076 CEST49794443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.084548950 CEST443497943.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.085979939 CEST49784443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.086061954 CEST443497843.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.086103916 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.086210966 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.087213039 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.087327003 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.087852001 CEST49784443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.087884903 CEST443497843.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.088212967 CEST49784443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.088244915 CEST443497843.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.089257956 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.089272022 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.198587894 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.213572025 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.213582039 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.250521898 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.250586033 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.250654936 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.294575930 CEST49783443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.294595957 CEST4434978374.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.381325006 CEST49780443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.390662909 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.390697002 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.406646013 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.410288095 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.410303116 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.410325050 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.410331964 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.410335064 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.410377026 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.410410881 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.410429001 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.410458088 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.424130917 CEST44349780142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.482410908 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.482422113 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.482445955 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.482455015 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.482470989 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.482485056 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.482492924 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.482507944 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.482532978 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.569504023 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.569514990 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.569544077 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.569559097 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.569572926 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.569580078 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.569598913 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.569667101 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.613423109 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.613431931 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.613454103 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.613461971 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.613491058 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.613517046 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.613547087 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.613562107 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.656913996 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.656960964 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.656974077 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.656997919 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.656991005 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.657094002 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.657140017 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.657182932 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.683295965 CEST443497843.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.683389902 CEST443497843.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.683435917 CEST49784443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.699613094 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.699624062 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.699651957 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.699686050 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.699693918 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.699737072 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.699768066 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.699791908 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.721282005 CEST49784443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.721302986 CEST443497843.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.743110895 CEST44349780142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.743200064 CEST44349780142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.743263960 CEST49780443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.744298935 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.744323015 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.744364977 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.744406939 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.744437933 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.745904922 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.767653942 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.767699003 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.767738104 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.767757893 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.767796993 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.771771908 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.771831989 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.771841049 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.771903038 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.773895979 CEST4970080192.168.2.7151.101.66.133
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.774038076 CEST4970180192.168.2.7151.101.194.133
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.774118900 CEST4970280192.168.2.772.246.156.77
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.789562941 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.789604902 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.789679050 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.789688110 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.789726019 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.813707113 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.813730955 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.813812971 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.813833952 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.813875914 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.833004951 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.833030939 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.833101988 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.833126068 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.833156109 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.833177090 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.851736069 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.851762056 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.851850986 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.851922035 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.851964951 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.851989031 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.853055954 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.855986118 CEST49797443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.856019974 CEST44349797142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.856117964 CEST49797443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.856511116 CEST49797443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.856529951 CEST44349797142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.857876062 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.857934952 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.872632027 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.872673035 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.872715950 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.872762918 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.872798920 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.877150059 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.877583981 CEST49780443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.877599955 CEST44349780142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.886971951 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.887012959 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.887048960 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.887058020 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.887087107 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.887116909 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.887159109 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.894576073 CEST49798443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.894615889 CEST44349798142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.894860029 CEST49798443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.897408009 CEST49786443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.897416115 CEST4434978631.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.902487040 CEST49798443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.902498960 CEST44349798142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.930170059 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.933283091 CEST8049701151.101.194.133192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.933322906 CEST8049701151.101.194.133192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.933378935 CEST4970180192.168.2.7151.101.194.133
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.933532953 CEST8049700151.101.66.133192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.933547020 CEST804970272.246.156.77192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.933584929 CEST4970280192.168.2.772.246.156.77
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.933617115 CEST8049700151.101.66.133192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.933675051 CEST4970080192.168.2.7151.101.66.133
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.972158909 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.979243040 CEST443497943.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.979446888 CEST443497933.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.079498053 CEST49793443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.188126087 CEST443497943.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.188198090 CEST49794443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.212951899 CEST44349797142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.225883007 CEST49794443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.225905895 CEST443497943.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.227184057 CEST443497943.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.227261066 CEST49794443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.227262974 CEST49793443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.227282047 CEST443497933.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.227885008 CEST443497933.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.230320930 CEST49797443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.230329990 CEST44349797142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.231534958 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.231580019 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.231602907 CEST44349797142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.231637955 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.235188007 CEST49794443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.235255957 CEST443497943.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.236747980 CEST49800443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.236783028 CEST4434980013.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.236845016 CEST49800443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.238267899 CEST49793443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.238349915 CEST443497933.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.244395971 CEST49797443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.244594097 CEST44349797142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.244865894 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.244879007 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.246138096 CEST49800443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.246151924 CEST4434980013.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.247909069 CEST49794443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.247935057 CEST443497943.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.247975111 CEST49794443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.247982025 CEST443497943.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.248686075 CEST49793443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.248739004 CEST443497933.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.249488115 CEST49797443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.249547958 CEST44349797142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.256438017 CEST44349798142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.290975094 CEST49798443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.290988922 CEST44349798142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.291534901 CEST44349798142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.300230980 CEST49798443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.300378084 CEST49798443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.300383091 CEST44349798142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.300410986 CEST44349798142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.395663977 CEST49798443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.395663977 CEST49794443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.469172955 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.469238997 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.469260931 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.469271898 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.469312906 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.470374107 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.470417976 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.470432997 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.470472097 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.470489025 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.470530033 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.480930090 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.480952024 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.480988026 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.480995893 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.481889009 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.492085934 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.493871927 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.503190041 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.503237009 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.503240108 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.503248930 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.503288031 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.514538050 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.514590025 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.577552080 CEST44349797142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.577644110 CEST49797443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.577719927 CEST44349797142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.577961922 CEST44349797142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.581934929 CEST49797443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.587857962 CEST49797443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.587874889 CEST44349797142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.604502916 CEST49801443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.604540110 CEST44349801142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.604609013 CEST49801443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.604811907 CEST49801443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.604825020 CEST44349801142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.616897106 CEST44349798142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.617012024 CEST44349798142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.617063999 CEST49798443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.618151903 CEST49798443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.618174076 CEST44349798142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.628288031 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.628351927 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.633840084 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.633913994 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.633925915 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.644911051 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.644941092 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.644956112 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.644964933 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.645015001 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.656172991 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.656219959 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.656224966 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.656239986 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.656286001 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.667479992 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.667536020 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.678385019 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.678442001 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.678493977 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.678550005 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.689538956 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.689610004 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.689610004 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.689624071 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.689888000 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.699974060 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.700053930 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.710199118 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.710417032 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.712129116 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.712148905 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.720464945 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.720515013 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.720527887 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.730647087 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.730684042 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.730706930 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.730719090 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.730760098 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.732815981 CEST49802443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.732845068 CEST443498023.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.733371973 CEST49802443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.733608961 CEST49802443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.733620882 CEST443498023.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.736005068 CEST4434980013.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.736210108 CEST49800443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.736219883 CEST4434980013.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.737270117 CEST4434980013.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.737344980 CEST49800443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.737416029 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.737936020 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.737946987 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.738472939 CEST49800443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.738545895 CEST4434980013.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.738651037 CEST49800443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.739129066 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.739209890 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.740036964 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.740123034 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.740988016 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.741054058 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.751245975 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.751282930 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.751302004 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.751319885 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.751435041 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.761502981 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.761547089 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.761580944 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.761596918 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.761913061 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.784116030 CEST4434980013.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.787642956 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.787699938 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.787709951 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.791512012 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.791541100 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.791567087 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.791587114 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.791737080 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.796232939 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.796255112 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.799015999 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.799086094 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.806457043 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.806504011 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.806508064 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.806524038 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.806664944 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.813678980 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.813745022 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.813757896 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.813765049 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.813817024 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.820851088 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.820908070 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.820916891 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.820956945 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.828079939 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.828140020 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.828147888 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.828216076 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.828259945 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.828665018 CEST49790443192.168.2.731.13.70.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.828682899 CEST4434979031.13.70.7192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.842885971 CEST443497943.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.842958927 CEST443497943.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.843266964 CEST49794443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.843286991 CEST443497943.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.843297005 CEST49794443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.843337059 CEST49794443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.845360041 CEST443497933.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.845557928 CEST443497933.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.845617056 CEST49793443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.845777988 CEST49793443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.845793962 CEST443497933.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.916809082 CEST49800443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.916821957 CEST4434980013.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.959598064 CEST44349801142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.998121977 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.012851000 CEST49801443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.012862921 CEST44349801142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.013421059 CEST44349801142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.022058010 CEST49801443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.022154093 CEST44349801142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.022730112 CEST49803443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.022772074 CEST4434980331.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.022855043 CEST49804443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.022896051 CEST4434980431.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.022945881 CEST49803443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.022972107 CEST49804443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.023416042 CEST49803443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.023427010 CEST4434980331.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.023530960 CEST49804443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.023549080 CEST4434980431.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.023638010 CEST49801443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.023683071 CEST44349801142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.105843067 CEST49800443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.123430014 CEST4434980013.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.123534918 CEST4434980013.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.123671055 CEST49800443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.161739111 CEST49800443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.161767960 CEST4434980013.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.174036980 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.216116905 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.348191977 CEST4434980431.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.348351002 CEST4434980331.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.352185011 CEST44349801142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.352266073 CEST44349801142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.352309942 CEST49801443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.366674900 CEST49804443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.366693020 CEST4434980431.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.366971016 CEST49803443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.366983891 CEST4434980331.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.368134022 CEST4434980431.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.368179083 CEST49804443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.370579004 CEST4434980331.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.370656013 CEST49803443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.373008013 CEST49801443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.373028994 CEST44349801142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.374854088 CEST49804443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.374959946 CEST49803443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.374979973 CEST4434980431.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.375228882 CEST4434980331.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.376497984 CEST49804443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.376507044 CEST4434980431.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.376854897 CEST49803443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.376866102 CEST4434980331.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.495963097 CEST49804443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.496356010 CEST49803443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.503333092 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.503382921 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.503402948 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.503415108 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.503428936 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.503429890 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.503443956 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.503456116 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.503473997 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.503500938 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.503518105 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.512541056 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.512551069 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.512572050 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.512589931 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.512594938 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.512604952 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.512624979 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.512641907 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.512648106 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.512660027 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.512689114 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.547707081 CEST49805443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.547750950 CEST4434980550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.547823906 CEST49805443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.547995090 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.548032045 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.548084974 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.548254013 CEST49805443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.548269987 CEST4434980550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.548410892 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.548424959 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.551337004 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.551422119 CEST4434979913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.551486015 CEST49799443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.595593929 CEST49809443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.595627069 CEST4434980913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.595685959 CEST49809443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.595968008 CEST49809443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.595989943 CEST4434980913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.598335028 CEST49810443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.598376989 CEST443498103.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.598458052 CEST49810443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.598752022 CEST49810443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.598766088 CEST443498103.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.628318071 CEST443498023.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.628669977 CEST49802443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.628679991 CEST443498023.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.629035950 CEST443498023.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.630618095 CEST49802443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.630677938 CEST443498023.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.630805016 CEST49802443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.630831003 CEST443498023.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.630892992 CEST49802443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.630898952 CEST443498023.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.668816090 CEST4434980431.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.668905020 CEST4434980431.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.668946981 CEST49804443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.670322895 CEST49804443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.670336008 CEST4434980431.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.685972929 CEST49811443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.686012030 CEST44349811104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.686094999 CEST49811443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.688024998 CEST49811443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.688034058 CEST44349811104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.689207077 CEST49812443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.689239979 CEST4434981274.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.689296007 CEST49812443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.689902067 CEST49812443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.689915895 CEST4434981274.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.698571920 CEST4434980331.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.698643923 CEST4434980331.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.698688030 CEST49803443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.698698044 CEST4434980331.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.698735952 CEST4434980331.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.698805094 CEST49803443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.698811054 CEST4434980331.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.698892117 CEST4434980331.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.699002028 CEST49803443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.713742018 CEST49803443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.713763952 CEST4434980331.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.717468023 CEST49813443192.168.2.7143.244.50.213
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.717499018 CEST44349813143.244.50.213192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.717549086 CEST49813443192.168.2.7143.244.50.213
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.717912912 CEST49813443192.168.2.7143.244.50.213
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.717926979 CEST44349813143.244.50.213192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.750586033 CEST49814443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.750629902 CEST443498143.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.750683069 CEST49814443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.753475904 CEST49814443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.753492117 CEST443498143.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.819905996 CEST49815443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.819960117 CEST4434981574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.820018053 CEST49815443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.820491076 CEST49815443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.820507050 CEST4434981574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.966964006 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.967370987 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.967392921 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.967752934 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.967761993 CEST4434980550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.968177080 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.968241930 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.968400002 CEST49805443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.968419075 CEST4434980550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.968736887 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.968765974 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.968770027 CEST4434980550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.969060898 CEST49805443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.969121933 CEST4434980550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.006547928 CEST44349811104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.006750107 CEST49811443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.006758928 CEST44349811104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.007882118 CEST44349811104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.007961035 CEST49811443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.012718916 CEST49811443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.012774944 CEST44349811104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.012895107 CEST49811443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.012901068 CEST44349811104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.012933016 CEST49811443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.013026953 CEST44349811104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.050101042 CEST44349813143.244.50.213192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.050375938 CEST49813443192.168.2.7143.244.50.213
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.050386906 CEST44349813143.244.50.213192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.051013947 CEST4434981274.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.051350117 CEST49812443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.051358938 CEST4434981274.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.051429033 CEST44349813143.244.50.213192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.051496029 CEST49813443192.168.2.7143.244.50.213
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.052500963 CEST4434981274.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.053533077 CEST49812443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.053714037 CEST4434981274.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.053817034 CEST49813443192.168.2.7143.244.50.213
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.053886890 CEST44349813143.244.50.213192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.053992033 CEST49812443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.054052114 CEST49813443192.168.2.7143.244.50.213
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.054058075 CEST44349813143.244.50.213192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.088659048 CEST4434980913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.088927031 CEST49809443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.088943958 CEST4434980913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.090039968 CEST4434980913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.090662956 CEST49809443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.090800047 CEST49809443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.090838909 CEST4434980913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.096127033 CEST4434981274.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.097889900 CEST49818443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.097928047 CEST4434981831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.097984076 CEST49818443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.098117113 CEST49819443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.098136902 CEST4434981931.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.098263025 CEST49819443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.098509073 CEST49818443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.098526001 CEST4434981831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.098858118 CEST49819443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.098870039 CEST4434981931.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.173505068 CEST4434981574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.173892021 CEST49815443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.173912048 CEST4434981574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.174252987 CEST4434981574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.174645901 CEST49815443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.174710035 CEST4434981574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.174815893 CEST49815443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.174841881 CEST4434981574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.176125050 CEST4434980550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.176196098 CEST49805443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.197782040 CEST49811443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.197784901 CEST49809443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.214863062 CEST49813443192.168.2.7143.244.50.213
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.228168011 CEST443498023.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.228245974 CEST443498023.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.228332043 CEST49802443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.230803013 CEST49802443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.230819941 CEST443498023.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.365082979 CEST44349813143.244.50.213192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.365366936 CEST44349813143.244.50.213192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.365457058 CEST49813443192.168.2.7143.244.50.213
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.390599966 CEST49813443192.168.2.7143.244.50.213
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.390626907 CEST44349813143.244.50.213192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.397219896 CEST44349811104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.397290945 CEST44349811104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.397344112 CEST49811443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.399243116 CEST49811443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.399256945 CEST44349811104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.407752991 CEST443498143.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.407984018 CEST49814443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.408018112 CEST443498143.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.410062075 CEST443498143.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.410156012 CEST49814443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.415653944 CEST4434981274.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.415781021 CEST4434981274.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.415828943 CEST49812443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.417438984 CEST49814443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.417556047 CEST443498143.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.417604923 CEST49814443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.420831919 CEST4434981831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.424442053 CEST49818443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.424470901 CEST4434981831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.425453901 CEST4434981931.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.425580025 CEST4434981831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.425626993 CEST49819443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.425636053 CEST49818443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.425643921 CEST4434981931.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.425756931 CEST49812443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.425774097 CEST4434981274.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.426417112 CEST49818443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.426482916 CEST4434981831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.426795959 CEST49818443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.426803112 CEST4434981831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.428911924 CEST4434981931.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.429004908 CEST49819443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.429339886 CEST49819443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.429426908 CEST4434981931.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.429510117 CEST49819443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.429516077 CEST4434981931.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.464121103 CEST443498143.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.474103928 CEST4434980913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.474293947 CEST4434980913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.474364996 CEST49809443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.475135088 CEST49822443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.475176096 CEST443498223.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.475204945 CEST49809443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.475220919 CEST4434980913.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.475234985 CEST49822443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.476111889 CEST49822443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.476125956 CEST443498223.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.481235981 CEST49823443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.481271982 CEST4434982313.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.481372118 CEST49823443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.481601954 CEST49823443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.481616974 CEST4434982313.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.490794897 CEST443498103.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.494137049 CEST49810443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.494149923 CEST443498103.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.494535923 CEST443498103.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.497993946 CEST49814443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.497998953 CEST49818443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.498003960 CEST443498143.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.498016119 CEST49819443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.498317957 CEST49810443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.498409033 CEST443498103.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.498584986 CEST49810443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.498584986 CEST49810443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.498617887 CEST443498103.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.538708925 CEST4434981574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.538731098 CEST4434981574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.538775921 CEST4434981574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.538796902 CEST4434981574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.538805008 CEST49815443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.538824081 CEST4434981574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.538849115 CEST49815443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.538924932 CEST4434981574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.539041996 CEST49815443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.545886040 CEST49815443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.545907021 CEST4434981574.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.625808954 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.625837088 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.625857115 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.625900030 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.625916958 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.625946045 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.625947952 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.625976086 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.625979900 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.625992060 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.632961988 CEST443498143.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.633017063 CEST49814443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.642678022 CEST49814443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.642697096 CEST443498143.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.671044111 CEST49828443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.671072006 CEST443498283.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.671369076 CEST49828443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.671708107 CEST49828443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.671721935 CEST443498283.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.678926945 CEST49829443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.678967953 CEST4434982952.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.679223061 CEST49829443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.685924053 CEST49810443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.686003923 CEST443498103.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.686089039 CEST49810443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.688235044 CEST49829443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.688249111 CEST4434982952.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.750413895 CEST4434981831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.750495911 CEST4434981831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.750652075 CEST49818443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.759571075 CEST49818443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.759592056 CEST4434981831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.772563934 CEST4434981931.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.772696972 CEST4434981931.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.772768021 CEST49819443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.772793055 CEST4434981931.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.772974014 CEST4434981931.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.773178101 CEST4434981931.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.773236990 CEST49819443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.774507999 CEST49819443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.774539948 CEST4434981931.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.808145046 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.835127115 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.835136890 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.835165024 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.835170984 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.835195065 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.835205078 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.835208893 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.835261106 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.868727922 CEST49831443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.868771076 CEST4434983152.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.868935108 CEST49831443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.869719982 CEST49831443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.869741917 CEST4434983152.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.975735903 CEST4434982313.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.976560116 CEST49823443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.976568937 CEST4434982313.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.976921082 CEST4434982313.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.977283001 CEST49823443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.977348089 CEST4434982313.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.043020010 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.043036938 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.043073893 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.043085098 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.043132067 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.043142080 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.044065952 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.044075966 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.044107914 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.044116020 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.044116974 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.044131994 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.044137001 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.044161081 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.044270992 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.044312954 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.054006100 CEST49806443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.054018974 CEST4434980650.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.084877014 CEST49805443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.084964991 CEST4434980550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.107414961 CEST49823443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.270098925 CEST49832443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.270142078 CEST44349832104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.270206928 CEST49832443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.270468950 CEST49832443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.270483971 CEST44349832104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.291366100 CEST49833443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.291412115 CEST4434983350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.291585922 CEST49833443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.291910887 CEST49833443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.291927099 CEST4434983350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.318100929 CEST4434982952.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.318506002 CEST49829443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.318519115 CEST4434982952.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.318871975 CEST4434982952.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.319400072 CEST49829443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.319485903 CEST4434982952.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.319866896 CEST49829443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.364119053 CEST4434982952.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.378969908 CEST443498223.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.393821955 CEST49822443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.393836975 CEST443498223.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.397540092 CEST443498223.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.397624969 CEST49822443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.398526907 CEST49822443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.398600101 CEST443498223.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.398709059 CEST49822443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.398716927 CEST443498223.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.417444944 CEST4434980550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.417541981 CEST4434980550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.417606115 CEST49805443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.494146109 CEST4434983152.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.497431993 CEST49831443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.497452021 CEST4434983152.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.498027086 CEST4434983152.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.499102116 CEST49831443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.499183893 CEST4434983152.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.499531984 CEST49831443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.533653975 CEST4434982952.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.533982038 CEST4434982952.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.534030914 CEST49829443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.534940004 CEST49829443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.534964085 CEST4434982952.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.537292957 CEST49834443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.537345886 CEST4434983452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.537408113 CEST49834443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.538053036 CEST49834443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.538074970 CEST4434983452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.544123888 CEST4434983152.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.565248013 CEST443498283.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.565540075 CEST49828443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.565551996 CEST443498283.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.566677094 CEST443498283.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.566855907 CEST49828443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.567101955 CEST49828443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.567186117 CEST443498283.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.567588091 CEST49828443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.567595959 CEST443498283.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.567718983 CEST49828443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.567728996 CEST443498283.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.571285009 CEST49805443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.571301937 CEST4434980550.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.581084967 CEST44349832104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.581302881 CEST49832443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.581358910 CEST44349832104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.581739902 CEST44349832104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.582077026 CEST49832443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.582149982 CEST44349832104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.582204103 CEST49832443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.588646889 CEST49822443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.624123096 CEST44349832104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.697799921 CEST443498223.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.697881937 CEST443498223.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.698091030 CEST49822443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.704955101 CEST49822443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.704974890 CEST443498223.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.710663080 CEST4434983350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.710900068 CEST49833443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.710912943 CEST4434983350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.711270094 CEST4434983350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.711697102 CEST49833443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.711771965 CEST4434983350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.712089062 CEST49833443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.712122917 CEST4434983350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.712179899 CEST4434983152.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.712400913 CEST4434983152.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.712452888 CEST49831443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.712779999 CEST49831443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.712779999 CEST49831443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.712798119 CEST4434983152.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.712831974 CEST49831443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.715146065 CEST49835443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.715189934 CEST4434983552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.715239048 CEST49835443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.716059923 CEST49835443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.716073990 CEST4434983552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.943958998 CEST44349832104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.944516897 CEST44349832104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:58.944590092 CEST49832443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.162245989 CEST4434983452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.182085037 CEST443498283.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.182164907 CEST443498283.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.182277918 CEST49828443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.210596085 CEST49834443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.210624933 CEST4434983452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.211074114 CEST49828443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.211090088 CEST443498283.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.211174965 CEST4434983452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.211879015 CEST4434983350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.212022066 CEST4434983350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.212117910 CEST49833443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.215909958 CEST49834443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.215993881 CEST4434983452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.222557068 CEST49834443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.222577095 CEST49834443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.222589970 CEST4434983452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.250171900 CEST49832443192.168.2.7104.18.32.137
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.250191927 CEST44349832104.18.32.137192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.251486063 CEST49833443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.251503944 CEST4434983350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.343813896 CEST4434983552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.346332073 CEST49835443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.346363068 CEST4434983552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.347542048 CEST4434983552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.347932100 CEST49835443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.348144054 CEST4434983552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.348181009 CEST49835443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.348303080 CEST49835443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.348318100 CEST4434983552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.351634979 CEST49836443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.351675034 CEST44349836104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.351892948 CEST49836443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.352273941 CEST49836443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.352284908 CEST44349836104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.363864899 CEST49837443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.363892078 CEST443498373.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.363956928 CEST49837443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.365150928 CEST49837443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.365159988 CEST443498373.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.365906954 CEST49838443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.365946054 CEST44349838142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.366029024 CEST49838443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.366528988 CEST49838443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.366549969 CEST44349838142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.640467882 CEST4434983452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.640578985 CEST4434983452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.640590906 CEST49834443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.640635967 CEST49834443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.665071964 CEST44349836104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.722508907 CEST44349838142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.769679070 CEST4434983552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.769773960 CEST49835443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.769809961 CEST4434983552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.769903898 CEST4434983552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.771909952 CEST49835443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.872118950 CEST44349836104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.873811960 CEST49836443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.916369915 CEST49838443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.972886086 CEST49838443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.972898960 CEST44349838142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.973443031 CEST44349838142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.973900080 CEST49836443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.973913908 CEST44349836104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:59.974745035 CEST44349836104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.014404058 CEST49835443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.014436007 CEST4434983552.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.016998053 CEST49838443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.017146111 CEST49834443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.017168045 CEST4434983452.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.017234087 CEST44349838142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.107017040 CEST49838443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.156449080 CEST49836443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.156636953 CEST44349836104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.203330994 CEST49838443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.248121023 CEST44349838142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.258443117 CEST443498373.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.262087107 CEST49836443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.263619900 CEST49837443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.263626099 CEST443498373.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.263969898 CEST443498373.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.265285969 CEST49837443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.265337944 CEST443498373.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.265671968 CEST49837443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.265690088 CEST443498373.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.308115959 CEST44349836104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.382776022 CEST44349838142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.382868052 CEST44349838142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.382930994 CEST49838443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.427480936 CEST44349836104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.427614927 CEST44349836104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.427668095 CEST49836443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.461859941 CEST49839443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.461898088 CEST4434983913.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.461966038 CEST49839443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.463005066 CEST49839443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.463033915 CEST4434983913.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.473753929 CEST49838443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.473763943 CEST44349838142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.477897882 CEST49842443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.477921009 CEST44349842192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.477972031 CEST49842443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.478543043 CEST49843443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.478554010 CEST44349843142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.478606939 CEST49843443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.478770018 CEST49842443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.478782892 CEST44349842192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.478840113 CEST49836443192.168.2.7104.17.246.203
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.478848934 CEST44349836104.17.246.203192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.479394913 CEST49843443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.479404926 CEST44349843142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.579139948 CEST443498373.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.579195976 CEST443498373.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.579252958 CEST443498373.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.579262972 CEST49837443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.579282045 CEST443498373.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.579292059 CEST49837443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.579366922 CEST443498373.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.579406977 CEST49837443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.580579042 CEST49837443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.580602884 CEST443498373.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.630783081 CEST49844443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.630819082 CEST4434984474.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.630908012 CEST49844443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.631155968 CEST49844443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.631169081 CEST4434984474.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.648133993 CEST49823443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.696122885 CEST4434982313.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.786375046 CEST4434983913.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.786665916 CEST49839443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.786693096 CEST4434983913.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.787077904 CEST4434983913.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.787393093 CEST49839443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.787481070 CEST4434983913.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.787543058 CEST49839443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.832119942 CEST4434983913.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.833255053 CEST44349843142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.833530903 CEST49843443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.833547115 CEST44349843142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.833899021 CEST44349843142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.835024118 CEST49843443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.835108042 CEST44349843142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.835175037 CEST49843443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.872001886 CEST4434982313.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.872076988 CEST4434982313.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.872397900 CEST49823443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.876121998 CEST44349843142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.897573948 CEST49823443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.897595882 CEST4434982313.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.902714014 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.902749062 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.902878046 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.903080940 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.903090954 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.927432060 CEST44349842192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.927825928 CEST49842443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.927850962 CEST44349842192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.928221941 CEST44349842192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.928647995 CEST49842443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.928705931 CEST44349842192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.928735018 CEST49842443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.972116947 CEST44349842192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.983730078 CEST4434984474.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.984026909 CEST49844443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.984047890 CEST4434984474.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.984397888 CEST4434984474.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.984838009 CEST49844443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.984920979 CEST4434984474.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.985033989 CEST49844443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:00.985044956 CEST4434984474.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.011727095 CEST49842443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.105886936 CEST4434983913.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.106472969 CEST4434983913.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.106523037 CEST49839443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.106539011 CEST4434983913.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.106550932 CEST4434983913.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.106571913 CEST49839443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.106579065 CEST4434983913.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.106677055 CEST49839443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.107258081 CEST49839443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.107291937 CEST4434983913.226.225.31192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.107342958 CEST49839443192.168.2.713.226.225.31
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.158581018 CEST49847443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.158617973 CEST443498473.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.158699036 CEST49847443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.158934116 CEST49847443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.158941984 CEST443498473.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.161782026 CEST49848443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.161791086 CEST44349848104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.161843061 CEST49848443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.162091970 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.162128925 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.162228107 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.162247896 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.162281036 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.162297964 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.162456036 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.162481070 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.162539959 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.162664890 CEST49848443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.162676096 CEST44349848104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.162933111 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.162945032 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.163028955 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.163038015 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.163403988 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.163418055 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.170185089 CEST49853443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.170187950 CEST49852443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.170195103 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.170197964 CEST4434985250.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.170217991 CEST49854443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.170228004 CEST4434985450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.170372009 CEST49854443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.170372963 CEST49852443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.170372963 CEST49853443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.170542002 CEST49854443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.170551062 CEST4434985450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.170701981 CEST49852443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.170713902 CEST4434985250.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.170907021 CEST49853443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.170917988 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.173083067 CEST49855443192.168.2.7172.64.155.119
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.173101902 CEST44349855172.64.155.119192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.173157930 CEST49855443192.168.2.7172.64.155.119
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.173341036 CEST49855443192.168.2.7172.64.155.119
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.173352003 CEST44349855172.64.155.119192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.178491116 CEST49856443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.178517103 CEST4434985652.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.178579092 CEST49856443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.178746939 CEST49856443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.178760052 CEST4434985652.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.187731981 CEST49857443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.187742949 CEST44349857192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.187841892 CEST49857443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.188517094 CEST49857443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.188529015 CEST44349857192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.195265055 CEST49858443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.195292950 CEST443498583.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.195372105 CEST49858443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.195574045 CEST49858443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.195590019 CEST443498583.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.196373940 CEST44349843142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.196451902 CEST44349843142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.196499109 CEST49843443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.197469950 CEST49843443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.197475910 CEST44349843142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.276316881 CEST49861443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.276352882 CEST4434986131.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.276405096 CEST49861443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.276808977 CEST49861443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.276822090 CEST4434986131.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.279951096 CEST49862443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.279988050 CEST4434986231.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.280056000 CEST49862443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.280272007 CEST49862443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.280287981 CEST4434986231.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.344289064 CEST4434984474.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.344333887 CEST4434984474.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.344358921 CEST4434984474.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.344388008 CEST4434984474.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.344388008 CEST49844443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.344440937 CEST4434984474.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.344506025 CEST49844443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.345932961 CEST4434984474.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.345990896 CEST49844443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.348212004 CEST49844443192.168.2.774.125.137.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.348225117 CEST4434984474.125.137.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.389431953 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.389791965 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.389821053 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.390141964 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.390451908 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.390535116 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.390572071 CEST44349842192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.390623093 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.390660048 CEST44349842192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.390723944 CEST49842443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.391019106 CEST49842443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.391036987 CEST44349842192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.432117939 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.471574068 CEST44349848104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.473117113 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.474817038 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.474879026 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.480618000 CEST49848443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.480638027 CEST44349848104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.480727911 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.480746031 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.480911970 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.480923891 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.481421947 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.481432915 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.481709957 CEST44349848104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.481759071 CEST49848443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.481901884 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.481969118 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.482014894 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.482017994 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.482240915 CEST49848443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.482295990 CEST44349848104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.482573986 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.482651949 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.482765913 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.482811928 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.483021021 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.483074903 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.483187914 CEST44349855172.64.155.119192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.483397961 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.483448982 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.483515978 CEST49848443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.483522892 CEST44349848104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.483666897 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.483675003 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.483793974 CEST49855443192.168.2.7172.64.155.119
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.483808041 CEST44349855172.64.155.119192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.483958006 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.483966112 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.483977079 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.483983994 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.484889030 CEST44349855172.64.155.119192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.484935999 CEST49855443192.168.2.7172.64.155.119
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.485337019 CEST49855443192.168.2.7172.64.155.119
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.485385895 CEST44349855172.64.155.119192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.485461950 CEST49855443192.168.2.7172.64.155.119
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.485466957 CEST44349855172.64.155.119192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.587850094 CEST443498473.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.588443995 CEST4434985250.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.589490891 CEST4434985450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.589557886 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.598164082 CEST49865443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.598187923 CEST443498653.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.598244905 CEST49865443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.598345995 CEST49847443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.598361015 CEST443498473.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.598531961 CEST49852443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.598540068 CEST4434985250.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.598808050 CEST49853443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.598819017 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.598934889 CEST49854443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.598953962 CEST4434985450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.599281073 CEST4434986131.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.599423885 CEST443498473.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.599474907 CEST49847443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.599575043 CEST4434985250.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.599616051 CEST49866443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.599621058 CEST49852443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.599636078 CEST44349866192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.599689007 CEST49866443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.599912882 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.599976063 CEST49853443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.600388050 CEST4434985450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.600486994 CEST49854443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.600672007 CEST49865443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.600682974 CEST443498653.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.600773096 CEST49861443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.600780010 CEST4434986131.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.601052999 CEST49847443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.601120949 CEST4434986131.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.601125956 CEST443498473.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.601358891 CEST49852443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.601418018 CEST4434985250.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.601581097 CEST49866443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.601598978 CEST44349866192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.601876020 CEST49853443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.601958036 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.602513075 CEST49854443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.602524042 CEST49861443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.602576971 CEST4434986131.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.602582932 CEST4434985450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.603029966 CEST49847443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.603038073 CEST443498473.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.603104115 CEST49852443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.603111029 CEST4434985250.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.603171110 CEST49853443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.603179932 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.603281021 CEST49854443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.603292942 CEST4434985450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.603374958 CEST49861443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.607790947 CEST4434986231.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.608993053 CEST49848443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.609384060 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.614022970 CEST49862443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.614051104 CEST4434986231.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.614481926 CEST4434986231.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.615129948 CEST49867443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.615161896 CEST443498673.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.615216970 CEST49867443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.615478039 CEST49862443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.615572929 CEST4434986231.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.616122007 CEST49867443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.616133928 CEST443498673.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.617464066 CEST49862443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.633465052 CEST44349857192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.636246920 CEST49857443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.636255980 CEST44349857192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.636584044 CEST44349857192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.640609980 CEST49857443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.640664101 CEST44349857192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.643486023 CEST49857443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.648122072 CEST4434986131.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.660110950 CEST4434986231.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.684114933 CEST44349857192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.688108921 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.688153982 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.692111015 CEST44349855172.64.155.119192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.692117929 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.692147970 CEST49855443192.168.2.7172.64.155.119
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.692281961 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.699026108 CEST49847443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.699039936 CEST49852443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.699040890 CEST49853443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.714287996 CEST49854443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.804013014 CEST4434985652.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.804277897 CEST49856443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.804302931 CEST4434985652.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.805413961 CEST4434985652.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.805476904 CEST49856443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.805839062 CEST49856443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.805898905 CEST4434985652.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.806046009 CEST49856443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.806051970 CEST4434985652.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.836922884 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.836981058 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.837018013 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.837049961 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.837059975 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.837079048 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.837099075 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.837104082 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.837146044 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.837151051 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.837415934 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.837451935 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.837450981 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.837461948 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.837501049 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.838255882 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.838346004 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.838382006 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.838390112 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.838396072 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.838435888 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.838907003 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.838973999 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839025021 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839036942 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839051008 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839123964 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839139938 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839293957 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839427948 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839463949 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839464903 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839473963 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839499950 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839505911 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839519978 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839533091 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839549065 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839591026 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839688063 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839720011 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839721918 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839720964 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839735985 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839790106 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839823008 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839835882 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839891911 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839899063 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.839971066 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.850389004 CEST44349855172.64.155.119192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.850466967 CEST44349855172.64.155.119192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.850522995 CEST49855443192.168.2.7172.64.155.119
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.874178886 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.874202967 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.874238014 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.874258041 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.874273062 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.874305010 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.874326944 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.874682903 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.874703884 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.874737978 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.874744892 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.874768972 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.874783039 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.878813028 CEST49855443192.168.2.7172.64.155.119
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.878825903 CEST44349855172.64.155.119192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.881525040 CEST49851443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.881542921 CEST44349851104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.881803989 CEST49850443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.881818056 CEST44349850104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.905308008 CEST49856443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.918919086 CEST4434986131.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.919096947 CEST4434986131.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.919147968 CEST49861443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.935091019 CEST49861443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.935125113 CEST4434986131.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.956856012 CEST4434986231.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.956902981 CEST4434986231.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.956945896 CEST49862443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.956960917 CEST4434986231.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.956975937 CEST4434986231.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.957020044 CEST49862443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.957026958 CEST4434986231.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.957082033 CEST4434986231.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.957123041 CEST49862443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.978902102 CEST49862443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.978921890 CEST4434986231.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.984148026 CEST44349848104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.984199047 CEST44349848104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.984229088 CEST44349848104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.984247923 CEST49848443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.984255075 CEST44349848104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.984275103 CEST44349848104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.984296083 CEST49848443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.984404087 CEST44349848104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.984458923 CEST49848443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.993246078 CEST49868443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.993279934 CEST44349868142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.993340969 CEST49868443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.993638992 CEST49868443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.993647099 CEST44349868142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.997867107 CEST49848443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.997895002 CEST44349848104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.012115002 CEST4434985450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.012140036 CEST4434985450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.012236118 CEST49854443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.012249947 CEST4434985450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.012264013 CEST4434985450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.012312889 CEST49854443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.013434887 CEST49854443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.013448954 CEST4434985450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.015211105 CEST443498473.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.015290022 CEST443498473.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.015343904 CEST49847443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.016772985 CEST49847443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.016781092 CEST443498473.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.020623922 CEST4434985652.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.020685911 CEST4434985652.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.020695925 CEST49856443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.020724058 CEST49856443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.022188902 CEST49856443192.168.2.752.252.156.53
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.022206068 CEST4434985652.252.156.53192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.029098988 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.029238939 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.029293060 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.029303074 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.029478073 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.029551983 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.029557943 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.029645920 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.029721022 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.029726028 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.029994965 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.030064106 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.030070066 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.030173063 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.030215979 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.030220985 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.030687094 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.030735016 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.030749083 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.030884981 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.030968904 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.030976057 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.031708002 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.031764030 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.031780005 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.031858921 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.031955957 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.031961918 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.032727003 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.032778978 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.032794952 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.033585072 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.033684969 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.033691883 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.033713102 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.033785105 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.033804893 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.034811020 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.034877062 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.034883022 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.034979105 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.035029888 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.035037994 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.035046101 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.035049915 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.035060883 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.035084009 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.035104990 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.035105944 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.035120964 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.035147905 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.035980940 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036114931 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036159992 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036170006 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036179066 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036180019 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036196947 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036207914 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036230087 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036231041 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036236048 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036247969 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036556959 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036627054 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036632061 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036715984 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036887884 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.036891937 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.037900925 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.037997007 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.038002014 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.038096905 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.038161993 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.038166046 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.039098024 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.039205074 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.039210081 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.044332981 CEST44349866192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.044569969 CEST49866443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.044583082 CEST44349866192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.045656919 CEST44349866192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.045727015 CEST49866443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.046204090 CEST49866443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.046204090 CEST49866443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.046216965 CEST44349866192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.046281099 CEST44349866192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.048281908 CEST49846443192.168.2.713.107.213.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.048300982 CEST4434984613.107.213.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.078768015 CEST44349857192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.078871012 CEST44349857192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.078927040 CEST49857443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.079240084 CEST49857443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.079262018 CEST44349857192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.080893993 CEST4434985250.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.080990076 CEST4434985250.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.081032038 CEST49852443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.091267109 CEST443498583.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.091511011 CEST49858443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.091535091 CEST443498583.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.092750072 CEST443498583.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.093106985 CEST49858443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.093287945 CEST443498583.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.093298912 CEST49858443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.093346119 CEST49858443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.093405962 CEST443498583.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.133145094 CEST49852443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.133172035 CEST4434985250.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.146684885 CEST49858443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.146754026 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.146758080 CEST49866443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.146776915 CEST44349866192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.184581041 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.184597015 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.184649944 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.184662104 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.184711933 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.184973001 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.184982061 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.185039043 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.185453892 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.185462952 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.185511112 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.186186075 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.186206102 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.186273098 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.186357975 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.186471939 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.186491013 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.186507940 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.186541080 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.186546087 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.186558008 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.187069893 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.187123060 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.187138081 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.187215090 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.187968969 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.188064098 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.188949108 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.189006090 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.189019918 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.189090014 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.189760923 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.189834118 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.190834045 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.190996885 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.191708088 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.191802979 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.191967010 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.192054987 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.192817926 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.192871094 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.242677927 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.242702961 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.242711067 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.242747068 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.242767096 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.242778063 CEST49853443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.242790937 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.242799997 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.242841005 CEST49853443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.242841005 CEST49853443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.242855072 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.242880106 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.242923021 CEST49853443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.308901072 CEST49866443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.320120096 CEST49853443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.320142031 CEST4434985350.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.336513042 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.336683035 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.337189913 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.337251902 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.337368965 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.337429047 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.338263988 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.338349104 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.338762045 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.338898897 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.339875937 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.339952946 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.340802908 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.340914011 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.340918064 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.340929985 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.340965986 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.340976000 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.341968060 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.342082024 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.342710972 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.342789888 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.344010115 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.344072104 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.344811916 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.344926119 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.344927073 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.344954967 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.345031023 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.345946074 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.346028090 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.347105026 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.347171068 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.347992897 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.348117113 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.349056959 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.349160910 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.349174976 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.349184990 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.349210024 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.349234104 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.349901915 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.349982023 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.350418091 CEST44349868142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.350737095 CEST49868443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.350769997 CEST44349868142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.350846052 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.350904942 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.350994110 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.351043940 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.351109028 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.351141930 CEST44349868142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.351325035 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.351443052 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.351505041 CEST49868443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.351577044 CEST44349868142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.351654053 CEST49868443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.351782084 CEST49849443192.168.2.7104.19.177.52
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.351797104 CEST44349849104.19.177.52192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.396117926 CEST44349868142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.491530895 CEST49868443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.501430988 CEST443498653.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.502211094 CEST44349866192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.502330065 CEST44349866192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.502593040 CEST49866443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.510024071 CEST443498673.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.604455948 CEST49865443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.688086987 CEST443498583.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.688170910 CEST443498583.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.688474894 CEST49858443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.697937012 CEST49867443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.714931011 CEST44349868142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.715006113 CEST44349868142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.715049982 CEST49868443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.179830074 CEST49865443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.179888964 CEST443498653.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.180439949 CEST443498653.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.181237936 CEST49867443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.181269884 CEST443498673.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.181550980 CEST49858443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.181591034 CEST443498583.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.184154034 CEST49866443192.168.2.7192.29.11.142
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.184180975 CEST44349866192.29.11.142192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.185206890 CEST443498673.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.185247898 CEST443498673.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.185275078 CEST49867443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.185375929 CEST49865443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.185450077 CEST443498653.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.186456919 CEST49867443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.186649084 CEST443498673.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.187633991 CEST49865443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.187664986 CEST443498653.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.187665939 CEST49865443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.187701941 CEST443498653.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.187771082 CEST49867443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.187791109 CEST443498673.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.205605030 CEST49871443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.205641985 CEST44349871142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.205704927 CEST49871443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.205934048 CEST49871443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.205950975 CEST44349871142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.210515022 CEST49868443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.210551023 CEST44349868142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.213852882 CEST49872443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.213910103 CEST44349872142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.213970900 CEST49872443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.214221954 CEST49872443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.214236975 CEST44349872142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.388351917 CEST49867443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.563787937 CEST44349871142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.567822933 CEST44349872142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.604964972 CEST49871443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.639281034 CEST49871443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.639302969 CEST44349871142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.639806986 CEST44349871142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.640692949 CEST49872443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.640713930 CEST44349872142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.641145945 CEST49871443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.641222954 CEST44349871142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.641232014 CEST44349872142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.641994953 CEST49872443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.642232895 CEST49871443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.642267942 CEST44349871142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.642390013 CEST49872443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.642395020 CEST44349872142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.642436028 CEST44349872142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.686069965 CEST49875443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.686106920 CEST443498753.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.686203957 CEST49875443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.686502934 CEST49875443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.686517954 CEST443498753.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.715070963 CEST49872443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.784012079 CEST443498673.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.784250975 CEST443498673.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.784310102 CEST49867443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.786211967 CEST49867443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.786238909 CEST443498673.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.786360979 CEST443498653.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.786431074 CEST443498653.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.786480904 CEST49865443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.788198948 CEST49865443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.788219929 CEST443498653.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.931516886 CEST44349872142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.931587934 CEST44349871142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.931597948 CEST44349872142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.931662083 CEST49871443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.931703091 CEST44349871142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.931711912 CEST44349871142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.931723118 CEST49872443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:03.931751013 CEST49871443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.055919886 CEST49872443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.055955887 CEST44349872142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.078907013 CEST49871443192.168.2.7142.251.2.155
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.078941107 CEST44349871142.251.2.155192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.093211889 CEST49876443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.093251944 CEST44349876142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.093347073 CEST49876443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.093558073 CEST49876443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.093575954 CEST44349876142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.225383043 CEST49877443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.225415945 CEST4434987731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.225497007 CEST49877443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.225723028 CEST49877443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.225749969 CEST4434987731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.226818085 CEST49878443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.226854086 CEST4434987831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.226950884 CEST49878443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.227116108 CEST49878443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.227133036 CEST4434987831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.230854034 CEST49879443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.230906010 CEST443498793.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.230972052 CEST49879443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.231163025 CEST49879443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.231180906 CEST443498793.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.234678984 CEST49880443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.234709978 CEST443498803.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.234781981 CEST49880443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.234941959 CEST49880443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.234954119 CEST443498803.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.390199900 CEST49881443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.390237093 CEST44349881142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.390301943 CEST49881443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.390511036 CEST49881443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.390525103 CEST44349881142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.445914030 CEST44349876142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.446145058 CEST49876443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.446158886 CEST44349876142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.446502924 CEST44349876142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.446842909 CEST49876443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.446904898 CEST44349876142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.446990967 CEST49876443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.447021008 CEST44349876142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.548682928 CEST4434987731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.549541950 CEST4434987831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.584752083 CEST443498753.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.599123001 CEST49877443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.599137068 CEST4434987731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.599347115 CEST49878443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.599359989 CEST4434987831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.599451065 CEST49875443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.599457979 CEST443498753.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.599658966 CEST4434987731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.599812031 CEST4434987831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.599878073 CEST443498753.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.634151936 CEST49877443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.634327888 CEST4434987731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.646539927 CEST49878443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.646717072 CEST49875443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.646755934 CEST4434987831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.646842003 CEST443498753.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.646872044 CEST49877443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.646986961 CEST49878443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.647053003 CEST49875443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.647079945 CEST443498753.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.647089005 CEST49875443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.647098064 CEST443498753.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.688123941 CEST4434987831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.688127995 CEST4434987731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.744719028 CEST44349881142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.793210030 CEST49881443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.799392939 CEST49881443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.799412966 CEST44349881142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.800913095 CEST44349881142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.800971031 CEST49881443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.803133011 CEST49881443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.803220034 CEST44349881142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.804310083 CEST49881443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.804320097 CEST44349881142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.832386971 CEST44349876142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.832668066 CEST44349876142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.832748890 CEST49876443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.833605051 CEST49876443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.833631039 CEST44349876142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.868084908 CEST4434987731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.868184090 CEST4434987731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.868248940 CEST49877443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.895989895 CEST4434987831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.896063089 CEST4434987831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.896137953 CEST49878443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.896156073 CEST4434987831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.896172047 CEST4434987831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.896250963 CEST4434987831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.896500111 CEST49878443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.896500111 CEST49878443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.904673100 CEST49878443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.904690981 CEST4434987831.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.967871904 CEST49877443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.967892885 CEST4434987731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.968554974 CEST49885443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.968585968 CEST443498853.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.968653917 CEST49885443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.970067024 CEST49885443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.970082045 CEST443498853.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.993423939 CEST49881443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.053997993 CEST49886443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.054035902 CEST44349886142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.054111958 CEST49886443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.054343939 CEST49886443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.054354906 CEST44349886142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.104762077 CEST44349881142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.104856968 CEST44349881142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.104909897 CEST49881443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.105339050 CEST49881443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.105356932 CEST44349881142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.111371040 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.111416101 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.111490011 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.111780882 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.111794949 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.128510952 CEST443498793.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.128725052 CEST49879443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.128757954 CEST443498793.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.129126072 CEST443498793.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.129440069 CEST49879443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.129508018 CEST443498793.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.129595995 CEST49879443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.129627943 CEST443498793.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.133795023 CEST443498803.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.134015083 CEST49880443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.134022951 CEST443498803.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.134507895 CEST443498803.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.134869099 CEST49880443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.134952068 CEST443498803.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.135034084 CEST49880443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.135056019 CEST443498803.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.244807959 CEST443498753.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.244867086 CEST443498753.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.244915009 CEST49875443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.245434999 CEST49875443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.245450974 CEST443498753.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.399996996 CEST443498853.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.400461912 CEST49885443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.400473118 CEST443498853.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.400820017 CEST443498853.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.402626038 CEST49885443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.402626038 CEST49885443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.402678967 CEST443498853.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.406913996 CEST44349886142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.407402039 CEST49886443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.407409906 CEST44349886142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.407776117 CEST44349886142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.408159018 CEST49886443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.408230066 CEST44349886142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.408598900 CEST49886443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.428729057 CEST443498793.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.428814888 CEST443498793.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.428850889 CEST49879443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.439488888 CEST49879443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.439506054 CEST443498793.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.440975904 CEST49892443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.441016912 CEST443498923.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.441445112 CEST49892443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.441445112 CEST49892443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.441478968 CEST443498923.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.452109098 CEST44349886142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.599387884 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.600027084 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.600043058 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.601154089 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.601214886 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.601701975 CEST49893443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.601737976 CEST44349893142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.601892948 CEST49893443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.602534056 CEST49893443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.602545977 CEST44349893142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.603581905 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.603648901 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.604048014 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.604053974 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.608114004 CEST443498853.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.608236074 CEST49885443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.629664898 CEST49895443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.629686117 CEST44349895142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.629880905 CEST49895443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.630338907 CEST49895443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.630351067 CEST44349895142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.716850042 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.733844042 CEST443498803.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.733936071 CEST443498803.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.733978987 CEST49880443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.734707117 CEST49880443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.734719992 CEST443498803.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.796726942 CEST44349886142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.796804905 CEST44349886142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.797379971 CEST49886443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.797403097 CEST49886443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.797424078 CEST44349886142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.821167946 CEST49897443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.821212053 CEST443498973.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.821263075 CEST49897443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.821595907 CEST49897443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.821607113 CEST443498973.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.828353882 CEST443498853.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.828428984 CEST443498853.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.828474045 CEST49885443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.829341888 CEST49885443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.829355955 CEST443498853.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.830506086 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.830677986 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.830727100 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.830733061 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.830745935 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.830780029 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.830795050 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.834909916 CEST49898443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.834943056 CEST443498983.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.834992886 CEST49898443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.835227013 CEST49898443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.835237980 CEST443498983.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.835980892 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.836026907 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.836029053 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.836039066 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.836072922 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.841372013 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.846752882 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.846801996 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.846818924 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.852516890 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.852566004 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.852577925 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.857547998 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.857593060 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.857601881 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.862786055 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.862844944 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.862853050 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.868149996 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.868222952 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.868230104 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.868875980 CEST49703443192.168.2.7104.98.116.138
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.873531103 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.873596907 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.873605013 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.878901958 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.878953934 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.878961086 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.889575005 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.889620066 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.889630079 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.894877911 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.894929886 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.894937992 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.956398964 CEST44349893142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.956686020 CEST49893443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.956701994 CEST44349893142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.957037926 CEST44349893142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.957535982 CEST49893443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.957536936 CEST49893443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.957581043 CEST44349893142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.957633972 CEST44349893142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.982404947 CEST44349895142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.982665062 CEST49895443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.982676029 CEST44349895142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.983028889 CEST44349895142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.989698887 CEST49895443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.989769936 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.989804983 CEST44349895142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.989840031 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.989865065 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.990319967 CEST49895443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.992172003 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.992218018 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.992224932 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.997205973 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.997250080 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.997257948 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.006350994 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.006385088 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.006397963 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.006407022 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.006443024 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.010646105 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.011254072 CEST49893443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.014614105 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.014662027 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.014668941 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.014687061 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.014724016 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.018440962 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.022402048 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.022442102 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.022454023 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.022474051 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.022511959 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.022731066 CEST49887443192.168.2.7146.75.92.157
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.022742987 CEST44349887146.75.92.157192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.028311014 CEST44349703104.98.116.138192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.032109022 CEST44349895142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.265079021 CEST443498983.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.265347958 CEST49898443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.265377998 CEST443498983.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.265742064 CEST443498983.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.266028881 CEST49898443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.266093969 CEST443498983.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.266184092 CEST49898443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.308120966 CEST443498983.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.312454939 CEST44349893142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.312536001 CEST44349893142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.312587976 CEST49893443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.313766003 CEST49893443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.313783884 CEST44349893142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.338448048 CEST44349895142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.338633060 CEST44349895142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.338717937 CEST49895443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.339678049 CEST49895443192.168.2.7142.251.2.156
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.339699984 CEST44349895142.251.2.156192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.340991974 CEST443498923.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.348571062 CEST49892443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.348589897 CEST443498923.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.349783897 CEST443498923.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.350537062 CEST49892443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.350723028 CEST443498923.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.351309061 CEST49892443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.351363897 CEST443498923.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.651912928 CEST443498923.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.652167082 CEST443498923.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.652229071 CEST49892443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.656392097 CEST49892443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.656416893 CEST443498923.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.659130096 CEST49903443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.659159899 CEST443499033.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.659262896 CEST49903443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.659576893 CEST49903443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.659591913 CEST443499033.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.694164991 CEST443498983.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.694243908 CEST443498983.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.694314957 CEST49898443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.695362091 CEST49898443192.168.2.73.211.190.76
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.695385933 CEST443498983.211.190.76192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.719819069 CEST443498973.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.720489979 CEST49897443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.720510960 CEST443498973.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.720887899 CEST443498973.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.721189022 CEST49897443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.721267939 CEST443498973.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.721472979 CEST49897443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.721499920 CEST443498973.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.721529007 CEST49897443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.721534967 CEST443498973.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.907783031 CEST49906443192.168.2.7104.22.54.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.907808065 CEST44349906104.22.54.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.907855034 CEST49906443192.168.2.7104.22.54.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.909328938 CEST49906443192.168.2.7104.22.54.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.909337044 CEST44349906104.22.54.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.913014889 CEST49907443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.913053989 CEST4434990731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.913106918 CEST49907443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.914371014 CEST49907443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.914380074 CEST4434990731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.069092989 CEST49908443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.069139957 CEST4434990852.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.069209099 CEST49908443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.071480989 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.071523905 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.071588039 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.071749926 CEST49908443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.071764946 CEST4434990852.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.071996927 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.072006941 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.224374056 CEST44349906104.22.54.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.224597931 CEST49906443192.168.2.7104.22.54.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.224612951 CEST44349906104.22.54.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.225609064 CEST44349906104.22.54.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.225675106 CEST49906443192.168.2.7104.22.54.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.226999044 CEST49906443192.168.2.7104.22.54.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.227055073 CEST44349906104.22.54.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.227338076 CEST49906443192.168.2.7104.22.54.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.227344036 CEST44349906104.22.54.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.237348080 CEST4434990731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.237574100 CEST49907443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.237586975 CEST4434990731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.237926006 CEST4434990731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.238266945 CEST49907443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.238318920 CEST4434990731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.238471031 CEST49907443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.284118891 CEST4434990731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.320638895 CEST443498973.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.320725918 CEST443498973.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.320785999 CEST49897443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.321739912 CEST49897443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.321759939 CEST443498973.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.325032949 CEST49910443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.325076103 CEST4434991031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.325175047 CEST49910443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.325448036 CEST49910443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.325463057 CEST4434991031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.405806065 CEST49906443192.168.2.7104.22.54.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.413925886 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.414669991 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.414686918 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.416897058 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.416968107 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.419677019 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.419764996 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.419887066 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.464121103 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.508305073 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.508326054 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.557356119 CEST443499033.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.557656050 CEST49903443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.557672024 CEST443499033.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.557848930 CEST4434990731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.557941914 CEST4434990731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.557996988 CEST49907443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.558034897 CEST443499033.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.558417082 CEST49903443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.558489084 CEST49903443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.558501959 CEST443499033.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.558697939 CEST49907443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.558717966 CEST4434990731.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.558727026 CEST49907443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.558924913 CEST49907443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.562690973 CEST49915443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.562736988 CEST4434991531.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.562804937 CEST49915443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.563045025 CEST49915443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.563060045 CEST4434991531.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.579042912 CEST44349906104.22.54.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.579077959 CEST44349906104.22.54.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.579118013 CEST44349906104.22.54.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.579144001 CEST49906443192.168.2.7104.22.54.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.579154015 CEST44349906104.22.54.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.579195023 CEST49906443192.168.2.7104.22.54.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.579199076 CEST44349906104.22.54.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.579292059 CEST44349906104.22.54.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.579333067 CEST49906443192.168.2.7104.22.54.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.581871986 CEST49906443192.168.2.7104.22.54.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.581885099 CEST44349906104.22.54.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.616485119 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.616777897 CEST49903443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.648339987 CEST4434991031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.648660898 CEST49910443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.648679972 CEST4434991031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.649060965 CEST4434991031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.649393082 CEST49910443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.649465084 CEST4434991031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.649497032 CEST49910443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.696119070 CEST4434991031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.719321012 CEST49910443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.722743988 CEST4434990852.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.722970009 CEST49908443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.722996950 CEST4434990852.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.724030018 CEST4434990852.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.724081039 CEST49908443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.725178003 CEST49908443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.725363970 CEST49908443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.725368977 CEST4434990852.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.725404978 CEST4434990852.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.754246950 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.768476963 CEST49918443192.168.2.734.245.244.146
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.768508911 CEST4434991834.245.244.146192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.768620014 CEST49918443192.168.2.734.245.244.146
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.768783092 CEST49918443192.168.2.734.245.244.146
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.768796921 CEST4434991834.245.244.146192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.776838064 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.776864052 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.776885033 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.776918888 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.776928902 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.776947021 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.776952028 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.776974916 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.776987076 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.776993990 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.777014971 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.777040958 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.803617954 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.803639889 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.803659916 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.803698063 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.803715944 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.803735971 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.803736925 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.803757906 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.803764105 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.803786993 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.803790092 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.803812027 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.860656977 CEST443499033.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.860778093 CEST443499033.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.861145973 CEST49903443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.861280918 CEST49903443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.861282110 CEST49903443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.861300945 CEST443499033.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.861557007 CEST49903443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.862603903 CEST49919443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.862648964 CEST443499193.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.862706900 CEST49919443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.863060951 CEST49919443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.863075018 CEST443499193.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.886715889 CEST4434991531.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.887095928 CEST49915443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.887125015 CEST4434991531.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.887463093 CEST4434991531.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.887809992 CEST49915443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.887872934 CEST4434991531.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.887989044 CEST49915443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.912739038 CEST49908443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.912755013 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.912758112 CEST4434990852.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.912756920 CEST4970780192.168.2.750.56.19.116
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.928119898 CEST4434991531.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.928981066 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.929007053 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.929024935 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.929049015 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.929073095 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.929090977 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.929094076 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.929114103 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.929122925 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.929138899 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.929157019 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.929199934 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.941643953 CEST4434990852.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.941704035 CEST49908443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.942430973 CEST49908443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.942445993 CEST4434990852.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.955744982 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.955755949 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.955790043 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.955816031 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.955823898 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.955847025 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.955864906 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.955888987 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.984934092 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.984956980 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.985033035 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.985090017 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.985090017 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.985090017 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.985105991 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.985127926 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.985173941 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.000592947 CEST4434991031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.000652075 CEST4434991031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.000721931 CEST4434991031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.000770092 CEST49910443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.000791073 CEST4434991031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.000849962 CEST4434991031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.000946999 CEST49910443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.011574984 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.011621952 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.011655092 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.011673927 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.011701107 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.039372921 CEST49910443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.039395094 CEST4434991031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.064527988 CEST49920443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.064569950 CEST4434992031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.064740896 CEST49920443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.065499067 CEST49920443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.065521002 CEST4434992031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.083195925 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.083242893 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.083272934 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.083297968 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.083326101 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.091145039 CEST4970680192.168.2.750.56.19.116
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.101023912 CEST49923443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.101057053 CEST4434992352.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.101180077 CEST49923443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.101424932 CEST49923443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.101439953 CEST4434992352.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.107758999 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.107789993 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.107809067 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.107820034 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.107826948 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.107846022 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.107877970 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.121864080 CEST804970750.56.19.116192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.127048016 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.127099991 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.127115011 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.127146006 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.127150059 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.127172947 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.127177954 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.127222061 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.127300978 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.127485037 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.127496004 CEST4434990918.65.25.14192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.127505064 CEST49909443192.168.2.718.65.25.14
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.206664085 CEST4434991531.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.206749916 CEST4434991531.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.207461119 CEST49915443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.207495928 CEST4434991531.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.207528114 CEST49915443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.207557917 CEST49915443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.215894938 CEST49924443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.215934992 CEST44349924104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.216018915 CEST49924443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.216238022 CEST49924443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.216253996 CEST44349924104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.248974085 CEST49925443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.249021053 CEST44349925104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.249208927 CEST49925443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.249358892 CEST49925443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.249375105 CEST44349925104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.284926891 CEST49927443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.284959078 CEST44349927104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.285038948 CEST49927443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.285203934 CEST49927443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.285214901 CEST44349927104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.299390078 CEST804970650.56.19.116192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.393845081 CEST4434992031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.394202948 CEST49920443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.394243002 CEST4434992031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.395358086 CEST4434992031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.396483898 CEST49920443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.396584988 CEST4434992031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.396610975 CEST49920443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.427779913 CEST49928443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.427808046 CEST44349928104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.427876949 CEST49928443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.428076029 CEST49928443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.428086996 CEST44349928104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.437593937 CEST49920443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.437634945 CEST4434992031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.531090021 CEST4434992352.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.532207966 CEST49923443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.532233953 CEST4434992352.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.533360004 CEST4434992352.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.533421040 CEST49923443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.533740044 CEST49923443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.533816099 CEST4434992352.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.533854008 CEST49923443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.576124907 CEST4434992352.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.576805115 CEST49923443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.576828003 CEST4434992352.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.592247009 CEST4971180192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.603146076 CEST44349924104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.603528023 CEST49924443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.603557110 CEST44349924104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.605268955 CEST44349924104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.605372906 CEST49924443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.606668949 CEST49924443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.606765032 CEST44349924104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.606887102 CEST49924443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.622783899 CEST49923443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.623872995 CEST44349925104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.624195099 CEST49925443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.624224901 CEST44349925104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.625353098 CEST44349925104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.625411987 CEST49925443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.625931978 CEST49925443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.626020908 CEST44349925104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.626092911 CEST49925443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.652113914 CEST44349924104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.653902054 CEST49924443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.653928995 CEST44349924104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.664319992 CEST44349927104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.668142080 CEST49927443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.668169022 CEST44349927104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.669348001 CEST44349927104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.669426918 CEST49927443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.669426918 CEST49925443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.669454098 CEST44349925104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.671997070 CEST49927443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.672096968 CEST44349927104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.672171116 CEST49927443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.700546026 CEST49924443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.716125965 CEST44349927104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.716269970 CEST49927443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.716269970 CEST49925443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.716290951 CEST44349927104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.742100954 CEST4434992031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.742173910 CEST4434992031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.742286921 CEST49920443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.742301941 CEST4434992031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.742319107 CEST4434992031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.742362022 CEST49920443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.742379904 CEST4434992031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.742412090 CEST4434992031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.743187904 CEST49920443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.743200064 CEST4434992031.13.70.36192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.743212938 CEST49920443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.743242025 CEST49920443192.168.2.731.13.70.36
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.756061077 CEST443499193.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.760665894 CEST49919443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.760694027 CEST443499193.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.761121035 CEST443499193.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.761856079 CEST49919443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.761935949 CEST443499193.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.762042999 CEST49919443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.762077093 CEST443499193.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.763457060 CEST49927443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.763484001 CEST4971080192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.800411940 CEST804971150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.801919937 CEST44349928104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.802273989 CEST49928443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.802288055 CEST44349928104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.803353071 CEST44349928104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.803416014 CEST49928443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.803824902 CEST49928443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.803896904 CEST44349928104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.803986073 CEST49928443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.844124079 CEST44349928104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.855953932 CEST49928443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.855964899 CEST44349928104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.902801037 CEST49928443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.960829973 CEST4434991834.245.244.146192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.964421034 CEST49918443192.168.2.734.245.244.146
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.964435101 CEST4434991834.245.244.146192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.965504885 CEST4434991834.245.244.146192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.965579033 CEST49918443192.168.2.734.245.244.146
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.966550112 CEST49918443192.168.2.734.245.244.146
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.966614962 CEST4434991834.245.244.146192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.966989040 CEST49918443192.168.2.734.245.244.146
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.966998100 CEST4434991834.245.244.146192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.968858004 CEST44349924104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.968950033 CEST44349924104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.969022036 CEST49924443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.969607115 CEST49924443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.969628096 CEST44349924104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.971151114 CEST49929443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.971174002 CEST44349929142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.971762896 CEST804971050.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.971838951 CEST49929443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.972081900 CEST49929443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.972104073 CEST44349929142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.000610113 CEST44349925104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.000695944 CEST44349925104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.000801086 CEST49925443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.001485109 CEST49925443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.001513004 CEST44349925104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.003000021 CEST4434992352.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.003081083 CEST4434992352.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.003247976 CEST49930443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.003269911 CEST49923443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.003278971 CEST44349930142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.003891945 CEST49923443192.168.2.752.200.154.95
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.003906965 CEST4434992352.200.154.95192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.003930092 CEST49930443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.004333973 CEST49930443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.004345894 CEST44349930142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.013782024 CEST49918443192.168.2.734.245.244.146
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.035600901 CEST44349927104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.035675049 CEST44349927104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.035769939 CEST49927443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.037493944 CEST49927443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.037523985 CEST44349927104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.060169935 CEST443499193.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.060251951 CEST443499193.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.060345888 CEST49919443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.060870886 CEST49919443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.060892105 CEST443499193.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.127897978 CEST49932443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.127938986 CEST44349932104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.128001928 CEST49933443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.128046989 CEST44349933104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.128052950 CEST49932443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.128092051 CEST49933443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.128365993 CEST49932443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.128396988 CEST44349932104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.128525972 CEST49933443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.128542900 CEST44349933104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.177970886 CEST44349928104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.178051949 CEST44349928104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.178128958 CEST49928443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.179620981 CEST49928443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.179640055 CEST44349928104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.205688000 CEST49934443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.205733061 CEST44349934104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.205828905 CEST49934443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.209919930 CEST49935443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.209973097 CEST44349935104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.210047007 CEST49935443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.211451054 CEST49935443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.211462021 CEST44349935104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.212357998 CEST49934443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.212400913 CEST44349934104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.327543974 CEST44349929142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.327840090 CEST49929443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.327871084 CEST44349929142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.328214884 CEST44349929142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.328500032 CEST49929443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.328563929 CEST44349929142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.328634024 CEST49929443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.360956907 CEST44349930142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.361273050 CEST49930443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.361299992 CEST44349930142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.361848116 CEST44349930142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.362149000 CEST49930443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.362241983 CEST44349930142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.362267971 CEST49930443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.372160912 CEST44349929142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.404120922 CEST44349930142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.404401064 CEST49930443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.502918959 CEST44349932104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.503372908 CEST49932443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.503439903 CEST44349932104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.504543066 CEST44349932104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.504630089 CEST49932443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.504973888 CEST49932443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.505050898 CEST44349932104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.505114079 CEST49932443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.505134106 CEST44349932104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.505614042 CEST44349933104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.505820990 CEST49933443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.505851984 CEST44349933104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.506959915 CEST44349933104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.507064104 CEST49933443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.507304907 CEST49933443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.507375002 CEST44349933104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.507430077 CEST49933443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.549422979 CEST49933443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.549439907 CEST44349933104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.549540043 CEST49932443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.560235023 CEST4434991834.245.244.146192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.560328007 CEST4434991834.245.244.146192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.560468912 CEST49918443192.168.2.734.245.244.146
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.560798883 CEST49918443192.168.2.734.245.244.146
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.560821056 CEST4434991834.245.244.146192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.586002111 CEST44349935104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.586426020 CEST49935443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.586438894 CEST44349935104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.586911917 CEST44349934104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.587097883 CEST49934443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.587137938 CEST44349934104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.587486982 CEST44349935104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.587723017 CEST49935443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.587862015 CEST49935443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.587912083 CEST44349935104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.588165045 CEST49935443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.588171005 CEST44349935104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.588234901 CEST44349934104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.588303089 CEST49934443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.588551044 CEST49934443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.588632107 CEST44349934104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.588638067 CEST49934443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.595171928 CEST49933443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.636136055 CEST44349934104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.640965939 CEST49934443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.641000986 CEST49935443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.641033888 CEST44349934104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.686811924 CEST44349929142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.686887026 CEST44349929142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.687031031 CEST49929443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.687563896 CEST49929443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.687582970 CEST44349929142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.687926054 CEST49934443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.692748070 CEST49937443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.692786932 CEST44349937142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.692854881 CEST49937443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.693094015 CEST49937443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.693105936 CEST44349937142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.719737053 CEST49938443192.168.2.734.240.56.220
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.719773054 CEST4434993834.240.56.220192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.719861031 CEST49938443192.168.2.734.240.56.220
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.720082998 CEST49938443192.168.2.734.240.56.220
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.720093012 CEST4434993834.240.56.220192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.720851898 CEST44349930142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.720931053 CEST44349930142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.721035004 CEST49930443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.721429110 CEST49930443192.168.2.7142.250.141.106
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.721447945 CEST44349930142.250.141.106192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.724710941 CEST49939443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.724740028 CEST44349939142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.724848986 CEST49939443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.724994898 CEST49939443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.725009918 CEST44349939142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.877546072 CEST44349932104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.877620935 CEST44349932104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.877693892 CEST49932443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.878124952 CEST49932443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.878168106 CEST44349932104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.921253920 CEST44349933104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.921324968 CEST44349933104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.921462059 CEST49933443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.921935081 CEST49933443192.168.2.7104.244.42.69
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.921957016 CEST44349933104.244.42.69192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.962677002 CEST44349935104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.962752104 CEST44349935104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.962830067 CEST49935443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.963438988 CEST49935443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.963449955 CEST44349935104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.969255924 CEST44349934104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.969358921 CEST44349934104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.969412088 CEST49934443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.970572948 CEST49934443192.168.2.7104.244.42.131
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.970611095 CEST44349934104.244.42.131192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.045510054 CEST44349937142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.045761108 CEST49937443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.045780897 CEST44349937142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.046113968 CEST44349937142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.046394110 CEST49937443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.046457052 CEST44349937142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.046506882 CEST49937443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.085594893 CEST44349939142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.085891008 CEST49939443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.085906982 CEST44349939142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.086359024 CEST44349939142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.086674929 CEST49939443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.086744070 CEST44349939142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.086826086 CEST49939443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.088126898 CEST44349937142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.132114887 CEST44349939142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.135999918 CEST49939443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.404213905 CEST44349937142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.404299974 CEST44349937142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.404356956 CEST49937443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.405179977 CEST49937443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.405200005 CEST44349937142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.444422960 CEST44349939142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.444657087 CEST44349939142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.444726944 CEST49939443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.445046902 CEST49939443192.168.2.7142.250.141.104
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.445071936 CEST44349939142.250.141.104192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.612225056 CEST4434993834.240.56.220192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.612698078 CEST49938443192.168.2.734.240.56.220
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.612726927 CEST4434993834.240.56.220192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.613818884 CEST4434993834.240.56.220192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.613888025 CEST49938443192.168.2.734.240.56.220
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.614434958 CEST49938443192.168.2.734.240.56.220
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.614487886 CEST4434993834.240.56.220192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.614696980 CEST49938443192.168.2.734.240.56.220
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.614705086 CEST4434993834.240.56.220192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.665007114 CEST49938443192.168.2.734.240.56.220
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.669644117 CEST49941443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.669687033 CEST4434994150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.669776917 CEST49941443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.670285940 CEST49941443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.670298100 CEST4434994150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.712347984 CEST49943443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.712394953 CEST443499433.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.712474108 CEST49943443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.713531017 CEST49943443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.713541985 CEST443499433.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.912024975 CEST4434993834.240.56.220192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.912126064 CEST4434993834.240.56.220192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.912193060 CEST49938443192.168.2.734.240.56.220
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.912517071 CEST49938443192.168.2.734.240.56.220
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.912533998 CEST4434993834.240.56.220192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.090630054 CEST4434994150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.091051102 CEST49941443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.091084957 CEST4434994150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.092303038 CEST4434994150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.092632055 CEST49941443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.092813969 CEST49941443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.092817068 CEST4434994150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.092952967 CEST4434994150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.138191938 CEST49941443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.611741066 CEST443499433.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.612165928 CEST49943443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.612185955 CEST443499433.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.612550974 CEST443499433.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.612938881 CEST49943443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.613004923 CEST443499433.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.613044024 CEST49943443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.613075972 CEST443499433.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.613116026 CEST49943443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.613125086 CEST443499433.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.717489958 CEST4434994150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.717513084 CEST4434994150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.717519999 CEST4434994150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.717560053 CEST4434994150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.717648029 CEST49941443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.717665911 CEST4434994150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.717686892 CEST4434994150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.717709064 CEST49941443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.717709064 CEST49941443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.717761040 CEST49941443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.717767954 CEST4434994150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.717813969 CEST49941443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.719172955 CEST49941443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.719188929 CEST4434994150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.724179983 CEST49944443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.724226952 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.724328041 CEST49944443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.724618912 CEST49944443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:11.724633932 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.143342972 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.145864010 CEST49944443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.145885944 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.146275043 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.146774054 CEST49944443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.146774054 CEST49944443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.146831989 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.146981001 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.198235035 CEST49944443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.211549044 CEST443499433.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.211720943 CEST443499433.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.211836100 CEST49943443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.212066889 CEST49943443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.212090969 CEST443499433.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.212122917 CEST49943443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.212141037 CEST49943443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.215557098 CEST49945443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.215600014 CEST443499453.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.215688944 CEST49945443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.215902090 CEST49945443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.215914965 CEST443499453.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.563390017 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.604363918 CEST49944443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.604393959 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.651206017 CEST49944443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.771461010 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.771478891 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.771497965 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.771508932 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.771538973 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.771688938 CEST49944443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.771718979 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.771732092 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.771773100 CEST49944443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.771780968 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.771811008 CEST49944443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.771826029 CEST49944443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.772119999 CEST49944443192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:12.772141933 CEST4434994450.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:13.112992048 CEST443499453.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:13.113406897 CEST49945443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:13.113439083 CEST443499453.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:13.113796949 CEST443499453.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:13.114149094 CEST49945443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:13.114212036 CEST443499453.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:13.114326000 CEST49945443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:13.114350080 CEST443499453.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:13.412456989 CEST443499453.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:13.412539005 CEST443499453.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:13.412595987 CEST49945443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:13.413167000 CEST49945443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:13.413186073 CEST443499453.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:15.611589909 CEST49947443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:15.611644030 CEST443499473.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:15.611725092 CEST49947443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:15.612248898 CEST49947443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:15.612272978 CEST443499473.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:16.510188103 CEST443499473.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:16.510518074 CEST49947443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:16.510555029 CEST443499473.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:16.511702061 CEST443499473.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:16.512012005 CEST49947443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:16.512176991 CEST49947443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:16.512213945 CEST443499473.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:16.512239933 CEST49947443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:16.512331963 CEST443499473.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:16.556750059 CEST49947443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:17.113064051 CEST443499473.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:17.113183975 CEST443499473.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:17.113265038 CEST49947443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:17.113609076 CEST49947443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:17.113631010 CEST443499473.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:17.117213011 CEST49948443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:17.117257118 CEST443499483.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:17.117366076 CEST49948443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:17.117633104 CEST49948443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:17.117646933 CEST443499483.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:18.016849995 CEST443499483.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:18.017261982 CEST49948443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:18.017281055 CEST443499483.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:18.017782927 CEST443499483.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:18.018125057 CEST49948443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:18.018217087 CEST443499483.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:18.018289089 CEST49948443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:18.018371105 CEST443499483.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:18.317980051 CEST443499483.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:18.318178892 CEST443499483.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:18.318372965 CEST49948443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:18.318866968 CEST49948443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:18.318888903 CEST443499483.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:18.318901062 CEST49948443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:18.319036007 CEST49948443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:20.200051069 CEST49736443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:20.200088978 CEST44349736152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:24.539243937 CEST4970780192.168.2.750.56.19.116
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:24.539320946 CEST4971180192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:24.747756958 CEST804971150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:24.747787952 CEST804971150.56.19.112192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:24.747987032 CEST804970750.56.19.116192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:24.748018026 CEST4971180192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:24.748027086 CEST804970750.56.19.116192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:24.748075962 CEST4970780192.168.2.750.56.19.116
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:26.575324059 CEST49951443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:26.575381041 CEST44349951142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:26.575561047 CEST49951443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:26.576515913 CEST49951443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:26.576531887 CEST44349951142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:26.930896997 CEST44349951142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:26.935230970 CEST49951443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:26.935249090 CEST44349951142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:26.935601950 CEST44349951142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:26.935967922 CEST49951443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:26.936047077 CEST44349951142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:26.981762886 CEST49951443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:29.700177908 CEST49952443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:29.700231075 CEST443499523.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:29.700320959 CEST49952443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:29.700953007 CEST49953443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:29.701005936 CEST443499533.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:29.701131105 CEST49953443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:29.701179028 CEST49952443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:29.701189995 CEST443499523.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:29.701437950 CEST49953443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:29.701457024 CEST443499533.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:29.702475071 CEST49954443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:29.702502966 CEST443499543.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:29.702560902 CEST49954443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:29.702832937 CEST49954443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:29.702841043 CEST443499543.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.595350981 CEST443499543.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.596194029 CEST49954443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.596209049 CEST443499543.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.596613884 CEST443499533.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.597328901 CEST443499543.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.597387075 CEST49954443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.597727060 CEST49953443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.597743988 CEST443499533.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.598695040 CEST49954443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.598761082 CEST443499543.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.598867893 CEST49954443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.598876953 CEST443499543.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.598891020 CEST49954443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.598906994 CEST443499543.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.598953962 CEST443499533.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.599244118 CEST49953443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.599315882 CEST49953443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.599365950 CEST443499523.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.599374056 CEST49953443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.599440098 CEST443499533.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.599526882 CEST49952443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.599555016 CEST443499523.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.599956989 CEST443499523.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.600193977 CEST49952443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.600269079 CEST443499523.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.600291014 CEST49952443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.600306988 CEST443499523.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.600334883 CEST49952443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.600347042 CEST443499523.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.652925968 CEST49954443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:30.652926922 CEST49953443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.194075108 CEST443499543.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.194188118 CEST443499543.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.194269896 CEST49954443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.196501017 CEST49954443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.196516991 CEST443499543.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.198090076 CEST443499533.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.198191881 CEST443499523.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.198282957 CEST443499533.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.198337078 CEST49953443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.198426008 CEST443499523.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.198453903 CEST49953443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.198453903 CEST49953443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.198477030 CEST49952443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.198482037 CEST443499533.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.198535919 CEST49953443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.199707031 CEST49952443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.199721098 CEST443499523.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.251986980 CEST49955443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.252027988 CEST443499553.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.252123117 CEST49955443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.252403021 CEST49955443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:31.252418041 CEST443499553.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.152553082 CEST443499553.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.198724985 CEST49955443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.198744059 CEST443499553.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.200030088 CEST443499553.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.247147083 CEST49955443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.247291088 CEST443499553.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.247323990 CEST49955443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.247359991 CEST443499553.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.387411118 CEST49955443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.547027111 CEST443499553.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.547106028 CEST443499553.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.547204971 CEST49955443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.547907114 CEST49955443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.547939062 CEST443499553.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.551961899 CEST49956443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.551999092 CEST443499563.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.552056074 CEST49956443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.552257061 CEST49956443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:32.552272081 CEST443499563.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.448596001 CEST443499563.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.448879957 CEST49956443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.448899984 CEST443499563.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.449412107 CEST443499563.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.449688911 CEST49956443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.449811935 CEST443499563.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.449855089 CEST49956443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.449888945 CEST443499563.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.587982893 CEST49956443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.747476101 CEST443499563.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.747570992 CEST443499563.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.747633934 CEST49956443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.749347925 CEST49956443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.749358892 CEST443499563.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.751111984 CEST49957443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.751168013 CEST443499573.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.751250982 CEST49957443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.751441002 CEST49957443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:33.751471996 CEST443499573.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:34.648618937 CEST443499573.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:34.648966074 CEST49957443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:34.648992062 CEST443499573.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:34.650139093 CEST443499573.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:34.650495052 CEST49957443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:34.650654078 CEST49957443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:34.650671005 CEST443499573.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:34.775511980 CEST49957443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:34.948496103 CEST443499573.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:34.948574066 CEST443499573.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:34.948689938 CEST49957443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:34.950603008 CEST49957443192.168.2.73.248.162.96
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:34.950620890 CEST443499573.248.162.96192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:35.665311098 CEST44349736152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:35.665416002 CEST44349736152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:35.665493011 CEST49736443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:36.864615917 CEST49736443192.168.2.7152.195.19.97
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:36.864692926 CEST44349736152.195.19.97192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:36.989672899 CEST44349951142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:36.989847898 CEST44349951142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:36.989921093 CEST49951443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:37.342591047 CEST49958443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:37.342633009 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:37.342736959 CEST49958443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:37.343522072 CEST49958443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:37.343534946 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:37.959045887 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:37.959115028 CEST49958443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:37.962636948 CEST49958443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:37.962646008 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:37.963057995 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.023467064 CEST49958443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.486011028 CEST49958443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.528129101 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.562131882 CEST49951443192.168.2.7142.250.141.99
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.562160969 CEST44349951142.250.141.99192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.884938955 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.884972095 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.884980917 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.884999037 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.885008097 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.885015011 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.885075092 CEST49958443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.885093927 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.885112047 CEST49958443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.885113001 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.885128975 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.885143995 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.885143995 CEST49958443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.885153055 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.885163069 CEST49958443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.885184050 CEST49958443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.885241985 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:38.885291100 CEST49958443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:39.311655998 CEST49958443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:39.311686039 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:39.311698914 CEST49958443192.168.2.752.165.165.26
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:39.311705112 CEST4434995852.165.165.26192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:53.385318041 CEST4970680192.168.2.750.56.19.116
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:53.593817949 CEST804970650.56.19.116192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:53.979032993 CEST4971080192.168.2.750.56.19.112
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:54.187509060 CEST804971050.56.19.112192.168.2.7

                                                                                                                                                                                                                                                                                                                                  UDP Packets

                                                                                                                                                                                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:15.917100906 CEST123123192.168.2.740.119.6.228
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:16.124876976 CEST12312340.119.6.228192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.319150925 CEST4930653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.319422960 CEST6110553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.474025965 CEST53493061.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.474351883 CEST53529931.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.516360998 CEST53611051.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.609638929 CEST53548001.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.064595938 CEST5760153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.065118074 CEST5079953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.304797888 CEST53507991.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.304816008 CEST53576011.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.511774063 CEST4942253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.511873007 CEST5056653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.665083885 CEST53505661.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.665102005 CEST53494221.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.772423029 CEST5838353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.772645950 CEST5775053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.926516056 CEST53583831.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.927114010 CEST53577501.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.951427937 CEST53647541.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.982131958 CEST6174453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.982273102 CEST5654753192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.983874083 CEST5726653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.984155893 CEST6015453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.992782116 CEST6447753192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.993129015 CEST5714353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.993767977 CEST6034853192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.003777027 CEST5413153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.146198034 CEST53644771.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.146913052 CEST53571431.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.147357941 CEST53603481.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.157563925 CEST53541311.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.167347908 CEST53565471.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.168359041 CEST53601541.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.171741962 CEST53572661.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.188931942 CEST53617441.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.020080090 CEST5188253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.020629883 CEST5918353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.389218092 CEST5255853192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.389555931 CEST6488053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.566591024 CEST53648801.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.576508999 CEST53525581.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.136267900 CEST6446953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.136413097 CEST5858353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.289726019 CEST53585831.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.290111065 CEST53644691.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.326765060 CEST53577031.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.241887093 CEST5090253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.242192030 CEST5406353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.243277073 CEST6410953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.243753910 CEST6238253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.396558046 CEST53641091.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.397082090 CEST53506161.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.397175074 CEST53623821.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.473531008 CEST53509021.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.497811079 CEST53540631.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.919311047 CEST5965653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.919519901 CEST5032853192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.920013905 CEST5320253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.920325041 CEST5539653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.073164940 CEST53503281.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.073178053 CEST53596561.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.710074902 CEST5824153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.710239887 CEST4966253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.736555099 CEST5646253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.736715078 CEST5081253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.803224087 CEST5246753192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.803343058 CEST5096553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.890286922 CEST53564621.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.890314102 CEST53508121.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.901331902 CEST53496621.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.924881935 CEST53582411.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.956360102 CEST53524671.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.956717968 CEST53509651.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.141381025 CEST5197153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.141556978 CEST5553553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.294652939 CEST53555351.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.294735909 CEST53519711.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.337667942 CEST53568451.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.816739082 CEST6192753192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.816891909 CEST6549953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.817189932 CEST6246053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.817306995 CEST5018153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.912756920 CEST5193253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.912902117 CEST6523153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.913455963 CEST6041653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.913598061 CEST6523053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.967233896 CEST6261153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.967356920 CEST5726053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970612049 CEST53619271.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970746040 CEST53654991.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970834970 CEST53624601.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970876932 CEST53501811.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.067282915 CEST53519321.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.067312956 CEST53652311.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.074594975 CEST53604161.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.107350111 CEST53652301.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.164271116 CEST53572601.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.164288998 CEST53626111.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.803884029 CEST6115753192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.804162979 CEST6108153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.957475901 CEST53611571.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.957540035 CEST53610811.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.900274038 CEST5993453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.900422096 CEST6298653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.053683996 CEST53599341.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.053742886 CEST53629861.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.956366062 CEST5813053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.956890106 CEST5150353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.844984055 CEST5967653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.845141888 CEST5471953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.998645067 CEST53596761.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.998663902 CEST53547191.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.528876066 CEST6425553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.528924942 CEST5493553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.562098980 CEST5066653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.562244892 CEST6373953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.562777042 CEST5705953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.562921047 CEST6064053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.682823896 CEST53642551.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.682904959 CEST53549351.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.716270924 CEST53506661.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.716761112 CEST53570591.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.717031002 CEST53606401.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.856889009 CEST53637391.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.943394899 CEST5548453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.943553925 CEST6018053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.096765041 CEST53601801.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.097009897 CEST53554841.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.319672108 CEST5163953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.319864035 CEST5801253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.474013090 CEST53516391.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.474281073 CEST53580121.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.003231049 CEST5404253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.003406048 CEST6098253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.007842064 CEST5208353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.008105040 CEST5479253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.013561010 CEST5238853192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.013842106 CEST5913653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.018399954 CEST5425253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.018774033 CEST5748753192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.023893118 CEST5793953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.024071932 CEST5911153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.157217979 CEST53609821.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.158180952 CEST53540421.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.160984993 CEST53520831.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.161338091 CEST53547921.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.166796923 CEST53523881.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.167484045 CEST53591361.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.171448946 CEST53542521.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.172693014 CEST53574871.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.177978992 CEST53579391.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.178078890 CEST53591111.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.394383907 CEST5124553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.394539118 CEST5374553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.488660097 CEST53521801.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.584672928 CEST53512451.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.585411072 CEST53537451.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.131737947 CEST5209053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.131886005 CEST6072153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.198525906 CEST5470353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.198765039 CEST6378553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.285295010 CEST53607211.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.353355885 CEST53637851.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.236108065 CEST5625453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.236243963 CEST5618953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.389529943 CEST53561891.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.389592886 CEST53562541.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.956420898 CEST5530453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.956623077 CEST5195053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.957075119 CEST6520453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.957246065 CEST5745453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.110027075 CEST53519501.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.110977888 CEST53553041.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.252065897 CEST5107553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.252214909 CEST5430153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.405649900 CEST53543011.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.857657909 CEST5191653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.857805014 CEST5118253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.011606932 CEST53511821.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.318649054 CEST5372253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.318828106 CEST5983953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.472860098 CEST53537221.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.473524094 CEST53598391.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.745662928 CEST5930353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.745863914 CEST4985453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.746532917 CEST5073453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.746661901 CEST5607653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.747113943 CEST5175553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.747250080 CEST5036653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.900402069 CEST53507341.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.900612116 CEST53503661.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.900965929 CEST53560761.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.910876989 CEST6017753192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.911148071 CEST6262353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.911890030 CEST5335053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.912152052 CEST5408653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.065332890 CEST53601771.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.065352917 CEST53626231.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.065671921 CEST53540861.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.065711021 CEST53533501.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.613189936 CEST5403953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.613339901 CEST5505653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.767616987 CEST53550561.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.767860889 CEST53540391.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.946419001 CEST4973353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.946552038 CEST5703353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.061677933 CEST5657153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.061836958 CEST6420153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.099770069 CEST53497331.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.100339890 CEST53570331.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.130961895 CEST6244953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.131103992 CEST5992453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.215123892 CEST53565711.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.215301991 CEST53642011.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.284347057 CEST53599241.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.284373045 CEST53624491.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.972877026 CEST6058753192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.973021984 CEST5812653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.043862104 CEST5755653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.044084072 CEST5092153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.126271009 CEST53605871.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.126729012 CEST53581261.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.127440929 CEST5472753192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.127590895 CEST5695553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.197526932 CEST53509211.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.197601080 CEST53575561.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.281611919 CEST53569551.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.564631939 CEST6481253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.564949989 CEST5165853192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.718861103 CEST53648121.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.719247103 CEST53516581.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:10.003696918 CEST138138192.168.2.7192.168.2.255
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:15.323802948 CEST53631011.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:22.206962109 CEST53628571.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:42.906306028 CEST53509691.1.1.1192.168.2.7

                                                                                                                                                                                                                                                                                                                                  ICMP Packets

                                                                                                                                                                                                                                                                                                                                  TimestampSource IPDest IPChecksumCodeType
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.206271887 CEST192.168.2.71.1.1.1c21d(Port unreachable)Destination Unreachable
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.856952906 CEST192.168.2.71.1.1.1c220(Port unreachable)Destination Unreachable

                                                                                                                                                                                                                                                                                                                                  DNS Queries

                                                                                                                                                                                                                                                                                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.319150925 CEST192.168.2.71.1.1.10xf4d4Standard query (0)fiddler2.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.319422960 CEST192.168.2.71.1.1.10x8eb0Standard query (0)fiddler2.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.064595938 CEST192.168.2.71.1.1.10x1217Standard query (0)www.telerik.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.065118074 CEST192.168.2.71.1.1.10x9569Standard query (0)www.telerik.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.511774063 CEST192.168.2.71.1.1.10x2cb8Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.511873007 CEST192.168.2.71.1.1.10x2503Standard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.772423029 CEST192.168.2.71.1.1.10x1c37Standard query (0)www.telerik.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.772645950 CEST192.168.2.71.1.1.10xb1ddStandard query (0)www.telerik.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.982131958 CEST192.168.2.71.1.1.10x510Standard query (0)dtzbdy9anri2p.cloudfront.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.982273102 CEST192.168.2.71.1.1.10xbe2eStandard query (0)dtzbdy9anri2p.cloudfront.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.983874083 CEST192.168.2.71.1.1.10xdc89Standard query (0)d6vtbcy3ong79.cloudfront.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.984155893 CEST192.168.2.71.1.1.10xa90eStandard query (0)d6vtbcy3ong79.cloudfront.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.992782116 CEST192.168.2.71.1.1.10xcacdStandard query (0)cdnjs.cloudflare.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.993129015 CEST192.168.2.71.1.1.10xbc28Standard query (0)cdnjs.cloudflare.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:29.993767977 CEST192.168.2.71.1.1.10x143cStandard query (0)cdn.cookielaw.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.003777027 CEST192.168.2.71.1.1.10x6e5aStandard query (0)cdn.cookielaw.org65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.020080090 CEST192.168.2.71.1.1.10x3a28Standard query (0)cdn.insight.sitefinity.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.020629883 CEST192.168.2.71.1.1.10xc7d2Standard query (0)cdn.insight.sitefinity.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.389218092 CEST192.168.2.71.1.1.10xbfb6Standard query (0)d585tldpucybw.cloudfront.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.389555931 CEST192.168.2.71.1.1.10x85f7Standard query (0)d585tldpucybw.cloudfront.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.136267900 CEST192.168.2.71.1.1.10xaa63Standard query (0)geolocation.onetrust.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.136413097 CEST192.168.2.71.1.1.10xac95Standard query (0)geolocation.onetrust.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.241887093 CEST192.168.2.71.1.1.10x2a23Standard query (0)euob.ytwohlcq.telerik.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.242192030 CEST192.168.2.71.1.1.10xc810Standard query (0)euob.ytwohlcq.telerik.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.243277073 CEST192.168.2.71.1.1.10x3b51Standard query (0)static.hotjar.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.243753910 CEST192.168.2.71.1.1.10xc4b3Standard query (0)static.hotjar.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.919311047 CEST192.168.2.71.1.1.10xf537Standard query (0)unpkg.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.919519901 CEST192.168.2.71.1.1.10xfdd5Standard query (0)unpkg.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.920013905 CEST192.168.2.71.1.1.10x945bStandard query (0)img.en25.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.920325041 CEST192.168.2.71.1.1.10xd423Standard query (0)img.en25.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.710074902 CEST192.168.2.71.1.1.10xc9a2Standard query (0)s1325.t.eloqua.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.710239887 CEST192.168.2.71.1.1.10x96e9Standard query (0)s1325.t.eloqua.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.736555099 CEST192.168.2.71.1.1.10xb573Standard query (0)stats.g.doubleclick.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.736715078 CEST192.168.2.71.1.1.10xf31eStandard query (0)stats.g.doubleclick.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.803224087 CEST192.168.2.71.1.1.10xe233Standard query (0)script.hotjar.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.803343058 CEST192.168.2.71.1.1.10xd4e9Standard query (0)script.hotjar.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.141381025 CEST192.168.2.71.1.1.10x6731Standard query (0)td.doubleclick.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.141556978 CEST192.168.2.71.1.1.10x22a4Standard query (0)td.doubleclick.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.816739082 CEST192.168.2.71.1.1.10xcff8Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.816891909 CEST192.168.2.71.1.1.10x966bStandard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.817189932 CEST192.168.2.71.1.1.10x32a0Standard query (0)analytics.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.817306995 CEST192.168.2.71.1.1.10xe2c1Standard query (0)analytics.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.912756920 CEST192.168.2.71.1.1.10xebbcStandard query (0)cl.qualaroo.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.912902117 CEST192.168.2.71.1.1.10xf4f6Standard query (0)cl.qualaroo.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.913455963 CEST192.168.2.71.1.1.10x3d53Standard query (0)obseu.ytwohlcq.telerik.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.913598061 CEST192.168.2.71.1.1.10x9f20Standard query (0)obseu.ytwohlcq.telerik.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.967233896 CEST192.168.2.71.1.1.10x7b23Standard query (0)api.insight.sitefinity.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.967356920 CEST192.168.2.71.1.1.10xf7f6Standard query (0)api.insight.sitefinity.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.803884029 CEST192.168.2.71.1.1.10x5b6bStandard query (0)googleads.g.doubleclick.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.804162979 CEST192.168.2.71.1.1.10xc286Standard query (0)googleads.g.doubleclick.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.900274038 CEST192.168.2.71.1.1.10x5b57Standard query (0)connect.facebook.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:52.900422096 CEST192.168.2.71.1.1.10x7b4dStandard query (0)connect.facebook.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.956366062 CEST192.168.2.71.1.1.10xddb1Standard query (0)www.clarity.msA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:54.956890106 CEST192.168.2.71.1.1.10x2eb3Standard query (0)www.clarity.ms65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.844984055 CEST192.168.2.71.1.1.10x2266Standard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.845141888 CEST192.168.2.71.1.1.10xebd0Standard query (0)www.facebook.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.528876066 CEST192.168.2.71.1.1.10x1e6bStandard query (0)privacyportal.onetrust.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.528924942 CEST192.168.2.71.1.1.10xcb08Standard query (0)privacyportal.onetrust.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.562098980 CEST192.168.2.71.1.1.10x341Standard query (0)geo.qualaroo.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.562244892 CEST192.168.2.71.1.1.10x2e9Standard query (0)geo.qualaroo.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.562777042 CEST192.168.2.71.1.1.10x3e37Standard query (0)dntcl.qualaroo.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.562921047 CEST192.168.2.71.1.1.10x99caStandard query (0)dntcl.qualaroo.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.943394899 CEST192.168.2.71.1.1.10xee18Standard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.943553925 CEST192.168.2.71.1.1.10xa8ffStandard query (0)www.facebook.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.319672108 CEST192.168.2.71.1.1.10x2b8eStandard query (0)obseu.ytwohlcq.telerik.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.319864035 CEST192.168.2.71.1.1.10x2297Standard query (0)obseu.ytwohlcq.telerik.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.003231049 CEST192.168.2.71.1.1.10xcaeStandard query (0)geo.qualaroo.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.003406048 CEST192.168.2.71.1.1.10x1592Standard query (0)geo.qualaroo.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.007842064 CEST192.168.2.71.1.1.10x6e85Standard query (0)cdn.cookielaw.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.008105040 CEST192.168.2.71.1.1.10x3b11Standard query (0)cdn.cookielaw.org65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.013561010 CEST192.168.2.71.1.1.10xf857Standard query (0)www.telerik.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.013842106 CEST192.168.2.71.1.1.10x6ad4Standard query (0)www.telerik.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.018399954 CEST192.168.2.71.1.1.10x45bfStandard query (0)geolocation.onetrust.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.018774033 CEST192.168.2.71.1.1.10x7f71Standard query (0)geolocation.onetrust.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.023893118 CEST192.168.2.71.1.1.10x3e83Standard query (0)api.insight.sitefinity.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.024071932 CEST192.168.2.71.1.1.10x3c66Standard query (0)api.insight.sitefinity.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.394383907 CEST192.168.2.71.1.1.10x2fbaStandard query (0)s1325.t.eloqua.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.394539118 CEST192.168.2.71.1.1.10xf4aStandard query (0)s1325.t.eloqua.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.131737947 CEST192.168.2.71.1.1.10x70e0Standard query (0)c.clarity.msA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.131886005 CEST192.168.2.71.1.1.10x7099Standard query (0)c.clarity.ms65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.198525906 CEST192.168.2.71.1.1.10x3b6eStandard query (0)d.clarity.msA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.198765039 CEST192.168.2.71.1.1.10xdce3Standard query (0)d.clarity.ms65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.236108065 CEST192.168.2.71.1.1.10x982dStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.236243963 CEST192.168.2.71.1.1.10x1dacStandard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.956420898 CEST192.168.2.71.1.1.10x21b1Standard query (0)static.ads-twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.956623077 CEST192.168.2.71.1.1.10x9fd7Standard query (0)static.ads-twitter.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.957075119 CEST192.168.2.71.1.1.10x8dccStandard query (0)snap.licdn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.957246065 CEST192.168.2.71.1.1.10x6024Standard query (0)snap.licdn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.252065897 CEST192.168.2.71.1.1.10x50b9Standard query (0)c.clarity.msA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.252214909 CEST192.168.2.71.1.1.10xeeebStandard query (0)c.clarity.ms65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.857657909 CEST192.168.2.71.1.1.10x51f4Standard query (0)px.ads.linkedin.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.857805014 CEST192.168.2.71.1.1.10x8187Standard query (0)px.ads.linkedin.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.318649054 CEST192.168.2.71.1.1.10xd26cStandard query (0)stats.g.doubleclick.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.318828106 CEST192.168.2.71.1.1.10x3d52Standard query (0)stats.g.doubleclick.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.745662928 CEST192.168.2.71.1.1.10x7bffStandard query (0)a.quora.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.745863914 CEST192.168.2.71.1.1.10x2f42Standard query (0)a.quora.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.746532917 CEST192.168.2.71.1.1.10x8852Standard query (0)rum-static.pingdom.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.746661901 CEST192.168.2.71.1.1.10xb6b9Standard query (0)rum-static.pingdom.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.747113943 CEST192.168.2.71.1.1.10xac22Standard query (0)px.ads.linkedin.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.747250080 CEST192.168.2.71.1.1.10x2a1aStandard query (0)px.ads.linkedin.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.910876989 CEST192.168.2.71.1.1.10xa72dStandard query (0)www.clickcease.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.911148071 CEST192.168.2.71.1.1.10x7915Standard query (0)www.clickcease.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.911890030 CEST192.168.2.71.1.1.10xd41aStandard query (0)q.quora.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.912152052 CEST192.168.2.71.1.1.10x1aa0Standard query (0)q.quora.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.613189936 CEST192.168.2.71.1.1.10x34ffStandard query (0)rum-collector-2.pingdom.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.613339901 CEST192.168.2.71.1.1.10xbf8Standard query (0)rum-collector-2.pingdom.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.946419001 CEST192.168.2.71.1.1.10x62f7Standard query (0)q.quora.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.946552038 CEST192.168.2.71.1.1.10x66a4Standard query (0)q.quora.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.061677933 CEST192.168.2.71.1.1.10x8ec1Standard query (0)t.coA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.061836958 CEST192.168.2.71.1.1.10x81f9Standard query (0)t.co65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.130961895 CEST192.168.2.71.1.1.10xb3c9Standard query (0)analytics.twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.131103992 CEST192.168.2.71.1.1.10xdfa5Standard query (0)analytics.twitter.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.972877026 CEST192.168.2.71.1.1.10x6f65Standard query (0)t.coA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.973021984 CEST192.168.2.71.1.1.10x4dfcStandard query (0)t.co65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.043862104 CEST192.168.2.71.1.1.10x3a4bStandard query (0)analytics.twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.044084072 CEST192.168.2.71.1.1.10x8c6Standard query (0)analytics.twitter.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.127440929 CEST192.168.2.71.1.1.10x43d5Standard query (0)www.linkedin.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.127590895 CEST192.168.2.71.1.1.10xe314Standard query (0)www.linkedin.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.564631939 CEST192.168.2.71.1.1.10x9adeStandard query (0)rum-collector-2.pingdom.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.564949989 CEST192.168.2.71.1.1.10x643bStandard query (0)rum-collector-2.pingdom.net65IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                  DNS Answers

                                                                                                                                                                                                                                                                                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.474025965 CEST1.1.1.1192.168.2.70xf4d4No error (0)fiddler2.com50.56.19.116A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.304797888 CEST1.1.1.1192.168.2.70x9569No error (0)www.telerik.comtelerik.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.304816008 CEST1.1.1.1192.168.2.70x1217No error (0)www.telerik.comtelerik.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.304816008 CEST1.1.1.1192.168.2.70x1217No error (0)telerik.com50.56.19.112A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.665083885 CEST1.1.1.1192.168.2.70x2503No error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.665102005 CEST1.1.1.1192.168.2.70x2cb8No error (0)www.google.com142.250.141.99A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.665102005 CEST1.1.1.1192.168.2.70x2cb8No error (0)www.google.com142.250.141.147A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.665102005 CEST1.1.1.1192.168.2.70x2cb8No error (0)www.google.com142.250.141.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.665102005 CEST1.1.1.1192.168.2.70x2cb8No error (0)www.google.com142.250.141.103A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.665102005 CEST1.1.1.1192.168.2.70x2cb8No error (0)www.google.com142.250.141.105A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:26.665102005 CEST1.1.1.1192.168.2.70x2cb8No error (0)www.google.com142.250.141.104A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.926516056 CEST1.1.1.1192.168.2.70x1c37No error (0)www.telerik.comtelerik.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.926516056 CEST1.1.1.1192.168.2.70x1c37No error (0)telerik.com50.56.19.112A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:27.927114010 CEST1.1.1.1192.168.2.70xb1ddNo error (0)www.telerik.comtelerik.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.146198034 CEST1.1.1.1192.168.2.70xcacdNo error (0)cdnjs.cloudflare.com104.17.25.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.146198034 CEST1.1.1.1192.168.2.70xcacdNo error (0)cdnjs.cloudflare.com104.17.24.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.146913052 CEST1.1.1.1192.168.2.70xbc28No error (0)cdnjs.cloudflare.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.147357941 CEST1.1.1.1192.168.2.70x143cNo error (0)cdn.cookielaw.org104.19.178.52A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.147357941 CEST1.1.1.1192.168.2.70x143cNo error (0)cdn.cookielaw.org104.19.177.52A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.157563925 CEST1.1.1.1192.168.2.70x6e5aNo error (0)cdn.cookielaw.org65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.171741962 CEST1.1.1.1192.168.2.70xdc89No error (0)d6vtbcy3ong79.cloudfront.net13.226.251.88A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.171741962 CEST1.1.1.1192.168.2.70xdc89No error (0)d6vtbcy3ong79.cloudfront.net13.226.251.83A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.171741962 CEST1.1.1.1192.168.2.70xdc89No error (0)d6vtbcy3ong79.cloudfront.net13.226.251.61A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.171741962 CEST1.1.1.1192.168.2.70xdc89No error (0)d6vtbcy3ong79.cloudfront.net13.226.251.190A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.188931942 CEST1.1.1.1192.168.2.70x510No error (0)dtzbdy9anri2p.cloudfront.net52.85.205.195A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.188931942 CEST1.1.1.1192.168.2.70x510No error (0)dtzbdy9anri2p.cloudfront.net52.85.205.143A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.188931942 CEST1.1.1.1192.168.2.70x510No error (0)dtzbdy9anri2p.cloudfront.net52.85.205.36A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:30.188931942 CEST1.1.1.1192.168.2.70x510No error (0)dtzbdy9anri2p.cloudfront.net52.85.205.92A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.257831097 CEST1.1.1.1192.168.2.70xc7d2No error (0)cdn.insight.sitefinity.comsitefinity-insight.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.257831097 CEST1.1.1.1192.168.2.70xc7d2No error (0)scdn1d828.wpc.353cd.gammacdn.netsni1gl.wpc.gammacdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.258400917 CEST1.1.1.1192.168.2.70x3a28No error (0)cdn.insight.sitefinity.comsitefinity-insight.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.258400917 CEST1.1.1.1192.168.2.70x3a28No error (0)scdn1d828.wpc.353cd.gammacdn.netsni1gl.wpc.gammacdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.258400917 CEST1.1.1.1192.168.2.70x3a28No error (0)sni1gl.wpc.gammacdn.net152.195.19.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.576508999 CEST1.1.1.1192.168.2.70xbfb6No error (0)d585tldpucybw.cloudfront.net108.139.9.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.576508999 CEST1.1.1.1192.168.2.70xbfb6No error (0)d585tldpucybw.cloudfront.net108.139.9.42A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.576508999 CEST1.1.1.1192.168.2.70xbfb6No error (0)d585tldpucybw.cloudfront.net108.139.9.5A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:34.576508999 CEST1.1.1.1192.168.2.70xbfb6No error (0)d585tldpucybw.cloudfront.net108.139.9.185A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.289726019 CEST1.1.1.1192.168.2.70xac95No error (0)geolocation.onetrust.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.290111065 CEST1.1.1.1192.168.2.70xaa63No error (0)geolocation.onetrust.com104.18.32.137A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:36.290111065 CEST1.1.1.1192.168.2.70xaa63No error (0)geolocation.onetrust.com172.64.155.119A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.396558046 CEST1.1.1.1192.168.2.70x3b51No error (0)static.hotjar.comstatic-cdn.hotjar.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.396558046 CEST1.1.1.1192.168.2.70x3b51No error (0)static-cdn.hotjar.com18.65.25.57A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.396558046 CEST1.1.1.1192.168.2.70x3b51No error (0)static-cdn.hotjar.com18.65.25.19A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.396558046 CEST1.1.1.1192.168.2.70x3b51No error (0)static-cdn.hotjar.com18.65.25.101A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.396558046 CEST1.1.1.1192.168.2.70x3b51No error (0)static-cdn.hotjar.com18.65.25.89A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.397175074 CEST1.1.1.1192.168.2.70xc4b3No error (0)static.hotjar.comstatic-cdn.hotjar.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.473531008 CEST1.1.1.1192.168.2.70x2a23No error (0)euob.ytwohlcq.telerik.com18.154.206.13A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.473531008 CEST1.1.1.1192.168.2.70x2a23No error (0)euob.ytwohlcq.telerik.com18.154.206.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.473531008 CEST1.1.1.1192.168.2.70x2a23No error (0)euob.ytwohlcq.telerik.com18.154.206.52A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:39.473531008 CEST1.1.1.1192.168.2.70x2a23No error (0)euob.ytwohlcq.telerik.com18.154.206.5A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.073164940 CEST1.1.1.1192.168.2.70xfdd5No error (0)unpkg.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.073178053 CEST1.1.1.1192.168.2.70xf537No error (0)unpkg.com104.17.246.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.073178053 CEST1.1.1.1192.168.2.70xf537No error (0)unpkg.com104.17.249.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.073178053 CEST1.1.1.1192.168.2.70xf537No error (0)unpkg.com104.17.247.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.073178053 CEST1.1.1.1192.168.2.70xf537No error (0)unpkg.com104.17.248.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.073178053 CEST1.1.1.1192.168.2.70xf537No error (0)unpkg.com104.17.245.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.074538946 CEST1.1.1.1192.168.2.70xd423No error (0)img.en25.comwildcard.en25.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:40.081602097 CEST1.1.1.1192.168.2.70x945bNo error (0)img.en25.comwildcard.en25.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.890286922 CEST1.1.1.1192.168.2.70xb573No error (0)stats.g.doubleclick.net142.251.2.156A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.890286922 CEST1.1.1.1192.168.2.70xb573No error (0)stats.g.doubleclick.net142.251.2.154A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.890286922 CEST1.1.1.1192.168.2.70xb573No error (0)stats.g.doubleclick.net142.251.2.155A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.890286922 CEST1.1.1.1192.168.2.70xb573No error (0)stats.g.doubleclick.net142.251.2.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.901331902 CEST1.1.1.1192.168.2.70x96e9No error (0)s1325.t.eloqua.comp01f.t.eloqua.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.924881935 CEST1.1.1.1192.168.2.70xc9a2No error (0)s1325.t.eloqua.comp01f.t.eloqua.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.924881935 CEST1.1.1.1192.168.2.70xc9a2No error (0)p01f.t.eloqua.com192.29.11.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.956360102 CEST1.1.1.1192.168.2.70xe233No error (0)script.hotjar.com13.226.225.31A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.956360102 CEST1.1.1.1192.168.2.70xe233No error (0)script.hotjar.com13.226.225.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.956360102 CEST1.1.1.1192.168.2.70xe233No error (0)script.hotjar.com13.226.225.12A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:48.956360102 CEST1.1.1.1192.168.2.70xe233No error (0)script.hotjar.com13.226.225.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.294735909 CEST1.1.1.1192.168.2.70x6731No error (0)td.doubleclick.net74.125.137.156A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.294735909 CEST1.1.1.1192.168.2.70x6731No error (0)td.doubleclick.net74.125.137.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.294735909 CEST1.1.1.1192.168.2.70x6731No error (0)td.doubleclick.net74.125.137.155A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:49.294735909 CEST1.1.1.1192.168.2.70x6731No error (0)td.doubleclick.net74.125.137.154A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970612049 CEST1.1.1.1192.168.2.70xcff8No error (0)www.google.com142.250.141.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970612049 CEST1.1.1.1192.168.2.70xcff8No error (0)www.google.com142.250.141.105A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970612049 CEST1.1.1.1192.168.2.70xcff8No error (0)www.google.com142.250.141.147A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970612049 CEST1.1.1.1192.168.2.70xcff8No error (0)www.google.com142.250.141.104A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970612049 CEST1.1.1.1192.168.2.70xcff8No error (0)www.google.com142.250.141.103A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970612049 CEST1.1.1.1192.168.2.70xcff8No error (0)www.google.com142.250.141.99A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970746040 CEST1.1.1.1192.168.2.70x966bNo error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970834970 CEST1.1.1.1192.168.2.70x32a0No error (0)analytics.google.com142.251.2.139A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970834970 CEST1.1.1.1192.168.2.70x32a0No error (0)analytics.google.com142.251.2.113A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970834970 CEST1.1.1.1192.168.2.70x32a0No error (0)analytics.google.com142.251.2.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970834970 CEST1.1.1.1192.168.2.70x32a0No error (0)analytics.google.com142.251.2.101A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970834970 CEST1.1.1.1192.168.2.70x32a0No error (0)analytics.google.com142.251.2.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970834970 CEST1.1.1.1192.168.2.70x32a0No error (0)analytics.google.com142.251.2.100A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:50.970876932 CEST1.1.1.1192.168.2.70xe2c1No error (0)analytics.google.comanalytics-alv.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.067282915 CEST1.1.1.1192.168.2.70xebbcNo error (0)cl.qualaroo.combcltest2.b-cdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.067282915 CEST1.1.1.1192.168.2.70xebbcNo error (0)bcltest2.b-cdn.net143.244.50.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.067312956 CEST1.1.1.1192.168.2.70xf4f6No error (0)cl.qualaroo.combcltest2.b-cdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.074594975 CEST1.1.1.1192.168.2.70x3d53No error (0)obseu.ytwohlcq.telerik.com3.248.162.96A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.074594975 CEST1.1.1.1192.168.2.70x3d53No error (0)obseu.ytwohlcq.telerik.com34.251.101.162A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.074594975 CEST1.1.1.1192.168.2.70x3d53No error (0)obseu.ytwohlcq.telerik.com54.75.69.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.164288998 CEST1.1.1.1192.168.2.70x7b23No error (0)api.insight.sitefinity.com52.252.156.53A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.957475901 CEST1.1.1.1192.168.2.70x5b6bNo error (0)googleads.g.doubleclick.net142.251.2.155A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.957475901 CEST1.1.1.1192.168.2.70x5b6bNo error (0)googleads.g.doubleclick.net142.251.2.156A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.957475901 CEST1.1.1.1192.168.2.70x5b6bNo error (0)googleads.g.doubleclick.net142.251.2.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.957475901 CEST1.1.1.1192.168.2.70x5b6bNo error (0)googleads.g.doubleclick.net142.251.2.154A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:51.957540035 CEST1.1.1.1192.168.2.70xc286No error (0)googleads.g.doubleclick.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.053683996 CEST1.1.1.1192.168.2.70x5b57No error (0)connect.facebook.netscontent.xx.fbcdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.053683996 CEST1.1.1.1192.168.2.70x5b57No error (0)scontent.xx.fbcdn.net31.13.70.7A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:53.053742886 CEST1.1.1.1192.168.2.70x7b4dNo error (0)connect.facebook.netscontent.xx.fbcdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.109486103 CEST1.1.1.1192.168.2.70xddb1No error (0)www.clarity.msclarity.azurefd.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.109486103 CEST1.1.1.1192.168.2.70xddb1No error (0)clarity.azurefd.netazurefd-t-prod.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.109486103 CEST1.1.1.1192.168.2.70xddb1No error (0)shed.dual-low.part-0041.t-0009.t-msedge.netpart-0041.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.109486103 CEST1.1.1.1192.168.2.70xddb1No error (0)part-0041.t-0009.t-msedge.net13.107.213.69A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.109486103 CEST1.1.1.1192.168.2.70xddb1No error (0)part-0041.t-0009.t-msedge.net13.107.246.69A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.112812042 CEST1.1.1.1192.168.2.70x2eb3No error (0)www.clarity.msclarity.azurefd.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.112812042 CEST1.1.1.1192.168.2.70x2eb3No error (0)clarity.azurefd.netazurefd-t-prod.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.998645067 CEST1.1.1.1192.168.2.70x2266No error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.998645067 CEST1.1.1.1192.168.2.70x2266No error (0)star-mini.c10r.facebook.com31.13.70.36A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:55.998663902 CEST1.1.1.1192.168.2.70xebd0No error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.682823896 CEST1.1.1.1192.168.2.70x1e6bNo error (0)privacyportal.onetrust.com104.18.32.137A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.682823896 CEST1.1.1.1192.168.2.70x1e6bNo error (0)privacyportal.onetrust.com172.64.155.119A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.682904959 CEST1.1.1.1192.168.2.70xcb08No error (0)privacyportal.onetrust.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.716270924 CEST1.1.1.1192.168.2.70x341No error (0)geo.qualaroo.com3.211.190.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.716270924 CEST1.1.1.1192.168.2.70x341No error (0)geo.qualaroo.com3.221.154.187A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.716761112 CEST1.1.1.1192.168.2.70x3e37No error (0)dntcl.qualaroo.comqualdnt.b-cdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.716761112 CEST1.1.1.1192.168.2.70x3e37No error (0)qualdnt.b-cdn.net143.244.50.213A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:56.717031002 CEST1.1.1.1192.168.2.70x99caNo error (0)dntcl.qualaroo.comqualdnt.b-cdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.096765041 CEST1.1.1.1192.168.2.70xa8ffNo error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.097009897 CEST1.1.1.1192.168.2.70xee18No error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.097009897 CEST1.1.1.1192.168.2.70xee18No error (0)star-mini.c10r.facebook.com31.13.70.36A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.474013090 CEST1.1.1.1192.168.2.70x2b8eNo error (0)obseu.ytwohlcq.telerik.com3.248.162.96A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.474013090 CEST1.1.1.1192.168.2.70x2b8eNo error (0)obseu.ytwohlcq.telerik.com54.75.69.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:57.474013090 CEST1.1.1.1192.168.2.70x2b8eNo error (0)obseu.ytwohlcq.telerik.com34.251.101.162A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.158180952 CEST1.1.1.1192.168.2.70xcaeNo error (0)geo.qualaroo.com3.211.190.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.158180952 CEST1.1.1.1192.168.2.70xcaeNo error (0)geo.qualaroo.com3.221.154.187A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.160984993 CEST1.1.1.1192.168.2.70x6e85No error (0)cdn.cookielaw.org104.19.177.52A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.160984993 CEST1.1.1.1192.168.2.70x6e85No error (0)cdn.cookielaw.org104.19.178.52A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.161338091 CEST1.1.1.1192.168.2.70x3b11No error (0)cdn.cookielaw.org65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.166796923 CEST1.1.1.1192.168.2.70xf857No error (0)www.telerik.comtelerik.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.166796923 CEST1.1.1.1192.168.2.70xf857No error (0)telerik.com50.56.19.112A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.167484045 CEST1.1.1.1192.168.2.70x6ad4No error (0)www.telerik.comtelerik.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.171448946 CEST1.1.1.1192.168.2.70x45bfNo error (0)geolocation.onetrust.com172.64.155.119A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.171448946 CEST1.1.1.1192.168.2.70x45bfNo error (0)geolocation.onetrust.com104.18.32.137A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.172693014 CEST1.1.1.1192.168.2.70x7f71No error (0)geolocation.onetrust.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.177978992 CEST1.1.1.1192.168.2.70x3e83No error (0)api.insight.sitefinity.com52.252.156.53A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.584672928 CEST1.1.1.1192.168.2.70x2fbaNo error (0)s1325.t.eloqua.comp01f.t.eloqua.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.584672928 CEST1.1.1.1192.168.2.70x2fbaNo error (0)p01f.t.eloqua.com192.29.11.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:01.585411072 CEST1.1.1.1192.168.2.70xf4aNo error (0)s1325.t.eloqua.comp01f.t.eloqua.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.285295010 CEST1.1.1.1192.168.2.70x7099No error (0)c.clarity.msc.msn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.285295010 CEST1.1.1.1192.168.2.70x7099No error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.287523985 CEST1.1.1.1192.168.2.70x70e0No error (0)c.clarity.msc.msn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.287523985 CEST1.1.1.1192.168.2.70x70e0No error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.352703094 CEST1.1.1.1192.168.2.70x3b6eNo error (0)d.clarity.msvmss-clarity-ingest-eus.eastus.cloudapp.azure.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:02.353355885 CEST1.1.1.1192.168.2.70xdce3No error (0)d.clarity.msvmss-clarity-ingest-eus.eastus.cloudapp.azure.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.389529943 CEST1.1.1.1192.168.2.70x1dacNo error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.389592886 CEST1.1.1.1192.168.2.70x982dNo error (0)www.google.com142.250.141.104A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.389592886 CEST1.1.1.1192.168.2.70x982dNo error (0)www.google.com142.250.141.99A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.389592886 CEST1.1.1.1192.168.2.70x982dNo error (0)www.google.com142.250.141.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.389592886 CEST1.1.1.1192.168.2.70x982dNo error (0)www.google.com142.250.141.103A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.389592886 CEST1.1.1.1192.168.2.70x982dNo error (0)www.google.com142.250.141.105A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:04.389592886 CEST1.1.1.1192.168.2.70x982dNo error (0)www.google.com142.250.141.147A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.110027075 CEST1.1.1.1192.168.2.70x9fd7No error (0)static.ads-twitter.complatform.twitter.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.110491037 CEST1.1.1.1192.168.2.70x8dccNo error (0)snap.licdn.comod.linkedin.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.110977888 CEST1.1.1.1192.168.2.70x21b1No error (0)static.ads-twitter.complatform.twitter.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.110977888 CEST1.1.1.1192.168.2.70x21b1No error (0)platform.twitter.map.fastly.net146.75.92.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.111382008 CEST1.1.1.1192.168.2.70x6024No error (0)snap.licdn.comod.linkedin.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.405649900 CEST1.1.1.1192.168.2.70xeeebNo error (0)c.clarity.msc.msn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.405649900 CEST1.1.1.1192.168.2.70xeeebNo error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.406059980 CEST1.1.1.1192.168.2.70x50b9No error (0)c.clarity.msc.msn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:05.406059980 CEST1.1.1.1192.168.2.70x50b9No error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.011133909 CEST1.1.1.1192.168.2.70x51f4No error (0)px.ads.linkedin.comexp1.www.linkedin.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.011133909 CEST1.1.1.1192.168.2.70x51f4No error (0)exp1.www.linkedin.comwww-linkedin-com.l-0005.l-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.011606932 CEST1.1.1.1192.168.2.70x8187No error (0)px.ads.linkedin.comexp1.www.linkedin.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.011606932 CEST1.1.1.1192.168.2.70x8187No error (0)exp1.www.linkedin.comwww-linkedin-com.l-0005.l-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.472860098 CEST1.1.1.1192.168.2.70xd26cNo error (0)stats.g.doubleclick.net142.250.141.155A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.472860098 CEST1.1.1.1192.168.2.70xd26cNo error (0)stats.g.doubleclick.net142.250.141.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.472860098 CEST1.1.1.1192.168.2.70xd26cNo error (0)stats.g.doubleclick.net142.250.141.154A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.472860098 CEST1.1.1.1192.168.2.70xd26cNo error (0)stats.g.doubleclick.net142.250.141.156A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.899032116 CEST1.1.1.1192.168.2.70x7bffNo error (0)a.quora.coma.quora.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.899336100 CEST1.1.1.1192.168.2.70x2f42No error (0)a.quora.coma.quora.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.900402069 CEST1.1.1.1192.168.2.70x8852No error (0)rum-static.pingdom.net104.22.54.104A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.900402069 CEST1.1.1.1192.168.2.70x8852No error (0)rum-static.pingdom.net172.67.5.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.900402069 CEST1.1.1.1192.168.2.70x8852No error (0)rum-static.pingdom.net104.22.55.104A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.900612116 CEST1.1.1.1192.168.2.70x2a1aNo error (0)px.ads.linkedin.comexp1.www.linkedin.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.900612116 CEST1.1.1.1192.168.2.70x2a1aNo error (0)exp1.www.linkedin.comwww-linkedin-com.l-0005.l-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.900752068 CEST1.1.1.1192.168.2.70xac22No error (0)px.ads.linkedin.comexp1.www.linkedin.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.900752068 CEST1.1.1.1192.168.2.70xac22No error (0)exp1.www.linkedin.comwww-linkedin-com.l-0005.l-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:06.900965929 CEST1.1.1.1192.168.2.70xb6b9No error (0)rum-static.pingdom.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.065332890 CEST1.1.1.1192.168.2.70xa72dNo error (0)www.clickcease.comd2no1x7oj2rkdb.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.065332890 CEST1.1.1.1192.168.2.70xa72dNo error (0)d2no1x7oj2rkdb.cloudfront.net18.65.25.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.065332890 CEST1.1.1.1192.168.2.70xa72dNo error (0)d2no1x7oj2rkdb.cloudfront.net18.65.25.116A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.065332890 CEST1.1.1.1192.168.2.70xa72dNo error (0)d2no1x7oj2rkdb.cloudfront.net18.65.25.6A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.065332890 CEST1.1.1.1192.168.2.70xa72dNo error (0)d2no1x7oj2rkdb.cloudfront.net18.65.25.57A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.065352917 CEST1.1.1.1192.168.2.70x7915No error (0)www.clickcease.comd2no1x7oj2rkdb.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.065711021 CEST1.1.1.1192.168.2.70xd41aNo error (0)q.quora.com52.200.154.95A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.065711021 CEST1.1.1.1192.168.2.70xd41aNo error (0)q.quora.com52.45.52.13A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.065711021 CEST1.1.1.1192.168.2.70xd41aNo error (0)q.quora.com52.21.40.167A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.065711021 CEST1.1.1.1192.168.2.70xd41aNo error (0)q.quora.com52.3.212.252A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.065711021 CEST1.1.1.1192.168.2.70xd41aNo error (0)q.quora.com52.200.166.19A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.767616987 CEST1.1.1.1192.168.2.70xbf8No error (0)rum-collector-2.pingdom.netprod-dem-collector-elb-611025824.eu-west-1.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.767860889 CEST1.1.1.1192.168.2.70x34ffNo error (0)rum-collector-2.pingdom.netprod-dem-collector-elb-611025824.eu-west-1.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.767860889 CEST1.1.1.1192.168.2.70x34ffNo error (0)prod-dem-collector-elb-611025824.eu-west-1.elb.amazonaws.com34.245.244.146A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.767860889 CEST1.1.1.1192.168.2.70x34ffNo error (0)prod-dem-collector-elb-611025824.eu-west-1.elb.amazonaws.com34.240.56.220A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.767860889 CEST1.1.1.1192.168.2.70x34ffNo error (0)prod-dem-collector-elb-611025824.eu-west-1.elb.amazonaws.com54.75.42.53A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.099770069 CEST1.1.1.1192.168.2.70x62f7No error (0)q.quora.com52.200.154.95A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.099770069 CEST1.1.1.1192.168.2.70x62f7No error (0)q.quora.com52.45.52.13A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.099770069 CEST1.1.1.1192.168.2.70x62f7No error (0)q.quora.com52.21.40.167A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.099770069 CEST1.1.1.1192.168.2.70x62f7No error (0)q.quora.com52.200.166.19A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.099770069 CEST1.1.1.1192.168.2.70x62f7No error (0)q.quora.com52.3.212.252A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.215123892 CEST1.1.1.1192.168.2.70x8ec1No error (0)t.co104.244.42.69A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.284347057 CEST1.1.1.1192.168.2.70xdfa5No error (0)analytics.twitter.comads.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.284347057 CEST1.1.1.1192.168.2.70xdfa5No error (0)ads.twitter.coms.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.284373045 CEST1.1.1.1192.168.2.70xb3c9No error (0)analytics.twitter.comads.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.284373045 CEST1.1.1.1192.168.2.70xb3c9No error (0)ads.twitter.coms.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.284373045 CEST1.1.1.1192.168.2.70xb3c9No error (0)s.twitter.com104.244.42.131A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.126271009 CEST1.1.1.1192.168.2.70x6f65No error (0)t.co104.244.42.69A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.197526932 CEST1.1.1.1192.168.2.70x8c6No error (0)analytics.twitter.comads.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.197526932 CEST1.1.1.1192.168.2.70x8c6No error (0)ads.twitter.coms.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.197601080 CEST1.1.1.1192.168.2.70x3a4bNo error (0)analytics.twitter.comads.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.197601080 CEST1.1.1.1192.168.2.70x3a4bNo error (0)ads.twitter.coms.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.197601080 CEST1.1.1.1192.168.2.70x3a4bNo error (0)s.twitter.com104.244.42.131A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.281029940 CEST1.1.1.1192.168.2.70x43d5No error (0)www.linkedin.comexp1.www.linkedin.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.281029940 CEST1.1.1.1192.168.2.70x43d5No error (0)exp1.www.linkedin.comwww-linkedin-com.l-0005.l-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.281611919 CEST1.1.1.1192.168.2.70xe314No error (0)www.linkedin.comexp1.www.linkedin.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.281611919 CEST1.1.1.1192.168.2.70xe314No error (0)exp1.www.linkedin.comwww-linkedin-com.l-0005.l-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.718861103 CEST1.1.1.1192.168.2.70x9adeNo error (0)rum-collector-2.pingdom.netprod-dem-collector-elb-611025824.eu-west-1.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.718861103 CEST1.1.1.1192.168.2.70x9adeNo error (0)prod-dem-collector-elb-611025824.eu-west-1.elb.amazonaws.com34.240.56.220A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.718861103 CEST1.1.1.1192.168.2.70x9adeNo error (0)prod-dem-collector-elb-611025824.eu-west-1.elb.amazonaws.com34.245.244.146A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.718861103 CEST1.1.1.1192.168.2.70x9adeNo error (0)prod-dem-collector-elb-611025824.eu-west-1.elb.amazonaws.com54.75.42.53A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:09.719247103 CEST1.1.1.1192.168.2.70x643bNo error (0)rum-collector-2.pingdom.netprod-dem-collector-elb-611025824.eu-west-1.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                  HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                                                                  • www.telerik.com
                                                                                                                                                                                                                                                                                                                                  • https:
                                                                                                                                                                                                                                                                                                                                    • cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                    • d6vtbcy3ong79.cloudfront.net
                                                                                                                                                                                                                                                                                                                                    • cdnjs.cloudflare.com
                                                                                                                                                                                                                                                                                                                                    • dtzbdy9anri2p.cloudfront.net
                                                                                                                                                                                                                                                                                                                                    • cdn.insight.sitefinity.com
                                                                                                                                                                                                                                                                                                                                    • d585tldpucybw.cloudfront.net
                                                                                                                                                                                                                                                                                                                                    • geolocation.onetrust.com
                                                                                                                                                                                                                                                                                                                                    • static.hotjar.com
                                                                                                                                                                                                                                                                                                                                    • euob.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                    • unpkg.com
                                                                                                                                                                                                                                                                                                                                    • stats.g.doubleclick.net
                                                                                                                                                                                                                                                                                                                                    • script.hotjar.com
                                                                                                                                                                                                                                                                                                                                    • s1325.t.eloqua.com
                                                                                                                                                                                                                                                                                                                                    • td.doubleclick.net
                                                                                                                                                                                                                                                                                                                                    • www.google.com
                                                                                                                                                                                                                                                                                                                                    • cl.qualaroo.com
                                                                                                                                                                                                                                                                                                                                    • obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                    • api.insight.sitefinity.com
                                                                                                                                                                                                                                                                                                                                    • googleads.g.doubleclick.net
                                                                                                                                                                                                                                                                                                                                    • connect.facebook.net
                                                                                                                                                                                                                                                                                                                                    • www.clarity.ms
                                                                                                                                                                                                                                                                                                                                    • www.facebook.com
                                                                                                                                                                                                                                                                                                                                    • privacyportal.onetrust.com
                                                                                                                                                                                                                                                                                                                                    • dntcl.qualaroo.com
                                                                                                                                                                                                                                                                                                                                    • geo.qualaroo.com
                                                                                                                                                                                                                                                                                                                                    • static.ads-twitter.com
                                                                                                                                                                                                                                                                                                                                    • rum-static.pingdom.net
                                                                                                                                                                                                                                                                                                                                    • www.clickcease.com
                                                                                                                                                                                                                                                                                                                                    • q.quora.com
                                                                                                                                                                                                                                                                                                                                    • t.co
                                                                                                                                                                                                                                                                                                                                    • analytics.twitter.com
                                                                                                                                                                                                                                                                                                                                    • rum-collector-2.pingdom.net
                                                                                                                                                                                                                                                                                                                                  • trueuser-agent:
                                                                                                                                                                                                                                                                                                                                  • fs.microsoft.com
                                                                                                                                                                                                                                                                                                                                  • slscr.update.microsoft.com
                                                                                                                                                                                                                                                                                                                                  • fiddler2.com

                                                                                                                                                                                                                                                                                                                                  HTTP Packets

                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  0192.168.2.74970650.56.19.116807880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:22.823184967 CEST446OUTGET /r/?Fiddler2FirstRun HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: fiddler2.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.033346891 CEST226INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                  Location: http://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  Server: Microsoft-IIS/8.5
                                                                                                                                                                                                                                                                                                                                  X-Powered-By: ASP.NET
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:22 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.091145039 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                  Data Ascii:
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:53.385318041 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                  Data Ascii:


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  1192.168.2.74971050.56.19.112807880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.546684027 CEST456OUTGET /download/fiddler/first-run HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:29:23.755250931 CEST139INHTTP/1.0 301 Moved Permanently
                                                                                                                                                                                                                                                                                                                                  Location: https://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.763484001 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                  Data Ascii:
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:53.979032993 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                  Data Ascii:


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  2192.168.2.74970750.56.19.116807880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:07.912756920 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                  Data Ascii:


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  3192.168.2.74971150.56.19.112807880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  Apr 24, 2024 01:30:08.592247009 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                  Data Ascii:


                                                                                                                                                                                                                                                                                                                                  HTTPS Proxied Packets

                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  0192.168.2.74971350.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:28 UTC684OUTGET /download/fiddler/first-run HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-User: ?1
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: document
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:29 UTC448INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:28 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 63475
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:29 UTC14051INData Raw: 20 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 20 3c 68 74 6d 6c 20 69 64 3d 22 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 68 74 6d 6c 22 20 69 64 3d 22 73 66 2d 74 72 61 63 6b 69 6e 67 2d 63 6f 6e 73 65 6e 74 2d 6d 61 6e 61 67 65 72 22 3e 0d 0a 09 3c 64 69 76 20 69 64 3d 22 74 72 61 63 6b 69 6e 67 2d 63 6f 6e 73 65 6e 74 2d 64 69 61 6c 6f 67 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 20 2f 3e 0d 0a 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 2f 57 65 62 52 65 73 6f 75 72 63 65 2e 61 78
                                                                                                                                                                                                                                                                                                                                  Data Ascii: <!doctype html> <html id="html" lang="en"> <head> <meta charset="utf-8" /><script type="text/html" id="sf-tracking-consent-manager"><div id="tracking-consent-dialog" style="display:none" /></script><script type="text/javascript" src="/WebResource.ax
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:29 UTC11584INData Raw: 73 73 3d 22 54 4b 2d 44 61 73 68 2d 4c 69 6e 6b 73 22 3e 3c 61 20 68 72 65 66 3d 22 2f 70 72 6f 64 75 63 74 73 2f 72 65 70 6f 72 74 69 6e 67 2e 61 73 70 78 22 20 63 6c 61 73 73 3d 22 54 4b 2d 44 61 73 68 2d 4c 69 6e 6b 22 20 64 61 74 61 2d 6d 61 74 63 68 2d 65 78 61 63 74 2d 70 61 74 68 3e 54 65 6c 65 72 69 6b 20 52 65 70 6f 72 74 69 6e 67 3c 2f 61 3e 20 3c 61 20 68 72 65 66 3d 22 2f 72 65 70 6f 72 74 2d 73 65 72 76 65 72 22 20 63 6c 61 73 73 3d 22 54 4b 2d 44 61 73 68 2d 4c 69 6e 6b 22 20 64 61 74 61 2d 6d 61 74 63 68 2d 65 78 61 63 74 2d 70 61 74 68 3e 54 65 6c 65 72 69 6b 20 52 65 70 6f 72 74 20 53 65 72 76 65 72 3c 2f 61 3e 20 3c 61 20 68 72 65 66 3d 22 2f 70 72 6f 64 75 63 74 73 2f 6d 6f 63 6b 69 6e 67 2e 61 73 70 78 22 20 63 6c 61 73 73 3d 22 54 4b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ss="TK-Dash-Links"><a href="/products/reporting.aspx" class="TK-Dash-Link" data-match-exact-path>Telerik Reporting</a> <a href="/report-server" class="TK-Dash-Link" data-match-exact-path>Telerik Report Server</a> <a href="/products/mocking.aspx" class="TK
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:29 UTC14480INData Raw: 61 74 65 64 20 54 65 73 74 73 20 51 75 69 63 6b 6c 79 3f 20 54 72 79 20 54 65 73 74 20 53 74 75 64 69 6f 2e 3c 2f 61 3e 3c 2f 68 34 3e 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 4c 69 73 74 2d 74 65 78 74 20 54 65 78 74 2d 2d 73 22 3e 42 6f 6f 73 74 20 70 72 6f 64 75 63 74 69 76 69 74 79 20 61 6e 64 20 74 65 73 74 20 63 6f 76 65 72 61 67 65 2c 20 61 6e 64 20 6b 69 6c 6c 20 62 75 67 73 20 62 65 66 6f 72 65 20 74 68 65 79 20 73 6c 69 70 20 69 6e 74 6f 20 70 72 6f 64 75 63 74 69 6f 6e 0d 0a 77 69 74 68 20 61 6e 20 69 6e 74 75 69 74 69 76 65 20 73 6f 66 74 77 61 72 65 20 71 75 61 6c 69 74 79 20 73 6f 6c 75 74 69 6f 6e 20 66 6f 72 20 47 55 49 2c 20 6c 6f 61 64 20 61 6e 64 20 70 65 72 66 6f 72 6d 61 6e 63 65 20 74 65 73 74 69 6e 67 2e 0d 0a 3c 2f 64 69 76 3e 20 3c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ated Tests Quickly? Try Test Studio.</a></h4> <div class="List-text Text--s">Boost productivity and test coverage, and kill bugs before they slip into productionwith an intuitive software quality solution for GUI, load and performance testing.</div> <
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:29 UTC16384INData Raw: 30 2c 31 2c 32 2e 35 39 33 2c 31 2e 36 2c 31 2e 35 35 35 2c 31 2e 35 35 35 2c 30 2c 30 2c 30 2c 2e 39 2e 37 37 32 2c 31 2e 38 39 2c 31 2e 38 39 2c 30 2c 30 2c 30 2c 31 2e 31 38 31 2d 2e 31 2c 33 2e 33 2c 33 2e 33 2c 30 2c 30 2c 31 2c 2e 38 32 37 2d 31 2e 36 39 31 68 30 43 36 2e 39 34 32 2c 31 36 2e 33 38 32 2c 35 2e 37 2c 31 34 2e 37 32 34 2c 35 2e 32 2c 31 33 2e 34 31 35 61 35 2e 35 30 36 2c 35 2e 35 30 36 2c 30 2c 30 2c 31 2c 2e 38 35 35 2d 35 2e 32 38 31 41 2e 31 38 38 2e 31 38 38 2c 30 2c 30 2c 30 2c 36 2e 31 2c 37 2e 39 38 39 61 34 2e 36 2c 34 2e 36 2c 30 2c 30 2c 31 2c 2e 31 34 2d 33 2e 30 37 33 2c 34 2e 38 35 38 2c 34 2e 38 35 38 2c 30 2c 30 2c 31 2c 32 2e 36 36 33 2c 31 6c 2e 33 33 37 2e 32 63 2e 31 34 31 2e 30 38 34 2e 31 2e 30 33 36 2e 32 33 38
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0,1,2.593,1.6,1.555,1.555,0,0,0,.9.772,1.89,1.89,0,0,0,1.181-.1,3.3,3.3,0,0,1,.827-1.691h0C6.942,16.382,5.7,14.724,5.2,13.415a5.506,5.506,0,0,1,.855-5.281A.188.188,0,0,0,6.1,7.989a4.6,4.6,0,0,1,.14-3.073,4.858,4.858,0,0,1,2.663,1l.337.2c.141.084.1.036.238
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:29 UTC6784INData Raw: 20 2f 28 41 6e 64 72 6f 69 64 7c 41 6e 64 72 6f 69 64 2e 2a 28 3f 3a 4f 70 65 72 61 7c 46 69 72 65 66 6f 78 29 2e 2a 3f 5c 2f 29 5c 73 2a 28 5c 64 2b 29 5c 2e 3f 28 5c 64 2b 28 5c 2e 5c 64 2b 29 3f 29 3f 2f 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2f 28 69 50 68 6f 6e 65 7c 69 50 6f 64 29 2e 2a 4f 53 5c 73 2b 28 5c 64 2b 29 5b 5c 2e 5f 5d 28 5b 5c 64 5c 2e 5f 5d 2b 29 2f 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2f 28 69 50 61 64 29 2e 2a 4f 53 5c 73 2b 28 5c 64 2b 29 5b 5c 2e 5f 5d 28 5b 5c 64 5f 5d 2b 29 2f 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2f 28 4d 65 65 47 6f 29 2e 2b 4e 6f 6b 69 61 42 72 6f 77 73 65 72 5c 2f 28 5c 64 2b 29 5c 2e 28 5b 5c 64 5c 2e 5f 5d 2b 29 2f 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2f 28 77 65 62 4f 53 29 5c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: /(Android|Android.*(?:Opera|Firefox).*?\/)\s*(\d+)\.?(\d+(\.\d+)?)?/, /(iPhone|iPod).*OS\s+(\d+)[\._]([\d\._]+)/, /(iPad).*OS\s+(\d+)[\._]([\d_]+)/, /(MeeGo).+NokiaBrowser\/(\d+)\.([\d\._]+)/, /(webOS)\
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:29 UTC192INData Raw: 72 6f 6e 74 2e 6e 65 74 2f 46 72 6f 6e 74 65 6e 64 2d 41 73 73 65 6d 62 6c 79 2f 57 65 62 2e 53 69 74 65 66 69 6e 69 74 79 45 78 74 65 6e 73 69 6f 6e 73 2e 45 6c 6f 71 75 61 43 6f 6e 6e 65 63 74 6f 72 2f 53 63 72 69 70 74 73 2f 53 65 74 42 72 6f 77 73 65 72 53 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 2e 6d 69 6e 2e 6a 73 3f 70 61 63 6b 61 67 65 3d 50 75 72 65 4d 76 63 26 61 6d 70 3b 76 3d 5a 47 78 31 62 55 55 32 52 6e 5a 36 54 6d 64 30 64 32 31 44 54 6d 31 30 4d 32 5a 48 55 54 30 39 29 27 3e 3c 2f 73 63 72 69 70 74 3e 20 3c 2f 62 6f 64 79 3e 20 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ront.net/Frontend-Assembly/Web.SitefinityExtensions.EloquaConnector/Scripts/SetBrowserSessionStorage.min.js?package=PureMvc&amp;v=ZGx1bUU2RnZ6Tmd0d21DTm10M2ZHUT09)'></script> </body> </html>


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  1192.168.2.74971650.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC757OUTGET /WebResource.axd?d=DzHrpQl5URXarFHAtrmzFsPwWIExaUeLHf3gTuslFxiRsjc9gU89IWbLw9lFnSTXl5qZVz-0iBHHB3aQBiGWPYzKfk3ndhT8iH1RSf_M6Sk7X3EWbQzPMVpb-rxAUHFQlncyLjOo3RP6E9HfRXn18roSCYCGCRaVqv9jyNWgJTH95Urh0&t=638477158040000000 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC500INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-javascript
                                                                                                                                                                                                                                                                                                                                  Expires: Wed, 23 Apr 2025 07:11:50 GMT
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Wed, 03 Apr 2024 14:36:44 GMT
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Mon, 02 Dec 2024 23:56:19 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 3300
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC2415INData Raw: 54 72 61 63 6b 69 6e 67 43 6f 6e 73 65 6e 74 4d 61 6e 61 67 65 72 3d 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 63 6f 6e 73 65 6e 74 43 6f 6f 6b 69 65 4e 61 6d 65 3d 22 73 66 2d 74 72 61 63 6b 69 6e 67 2d 63 6f 6e 73 65 6e 74 22 3b 0a 76 61 72 20 63 6f 6e 73 65 6e 74 44 69 61 6c 6f 67 48 74 6d 6c 3d 22 22 3b 0a 76 61 72 20 63 6f 6e 73 65 6e 74 44 69 61 6c 6f 67 3d 6e 75 6c 6c 3b 0a 76 61 72 20 65 76 65 6e 74 4c 69 73 74 65 6e 65 72 73 3d 7b 41 66 74 65 72 44 69 61 6c 6f 67 44 69 73 70 6c 61 79 65 64 3a 5b 5d 2c 42 65 66 6f 72 65 44 69 61 6c 6f 67 43 6c 6f 73 65 64 3a 5b 5d 2c 43 6f 6e 73 65 6e 74 43 68 61 6e 67 65 64 3a 5b 5d 2c 7d 3b 0a 66 75 6e 63 74 69 6f 6e 20 63 6c 6f 73 65 43 6f 6e 73 65 6e 74 44 69 61 6c 6f 67 28 29 7b 69 66 28 63 6f 6e 73 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: TrackingConsentManager=(function(){var consentCookieName="sf-tracking-consent";var consentDialogHtml="";var consentDialog=null;var eventListeners={AfterDialogDisplayed:[],BeforeDialogClosed:[],ConsentChanged:[],};function closeConsentDialog(){if(conse
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC885INData Raw: 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 6c 6f 61 64 22 2c 6f 70 65 6e 44 69 61 6c 6f 67 49 66 43 6f 6e 73 65 6e 74 4e 6f 74 50 72 6f 76 69 64 65 64 29 3b 0a 7d 7d 72 65 74 75 72 6e 7b 63 61 6e 54 72 61 63 6b 43 75 72 72 65 6e 74 55 73 65 72 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 72 65 61 64 43 6f 6f 6b 69 65 28 63 6f 6e 73 65 6e 74 43 6f 6f 6b 69 65 4e 61 6d 65 29 3d 3d 22 74 72 75 65 22 3b 0a 7d 2c 61 73 6b 46 6f 72 55 73 65 72 43 6f 6e 73 65 6e 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 6f 70 65 6e 43 6f 6e 73 65 6e 74 44 69 61 6c 6f 67 28 29 3b 0a 7d 2c 75 70 64 61 74 65 55 73 65 72 43 6f 6e 73 65 6e 74 3a 66 75 6e 63 74 69 6f 6e 28 63 6f 6e 73 65 6e 74 29 7b 76 61 72 20 61 63 63 65 70 74 65 64 3d 42 6f 6f 6c 65 61 6e 28 63 6f 6e 73 65 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: tachEvent("onload",openDialogIfConsentNotProvided);}}return{canTrackCurrentUser:function(){return readCookie(consentCookieName)=="true";},askForUserConsent:function(){openConsentDialog();},updateUserConsent:function(consent){var accepted=Boolean(consen


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  2192.168.2.74971750.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC800OUTGET /WebResource.axd?d=HtQyXelCu6mzSPcVcvK_BiMPfgaXcXtBpU_p4oPRWdaaTkgqeBOpXuu1TRv9pAGD-FAzjGGeBeqirrj8SJpv3YU7eO6rv9kziBqvktqcdZzC15nZHrag4kg_mMMtSYLloBTL1HIRNuD4Iepyub_zCpOjm9RyH4DXkI1YDpCN_mnfRNsYUjpSNKzgKVak4AN3FQYzZOcP1Z4PmfVVfM_48qg3YrI1&t=638477158040000000 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC500INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-javascript
                                                                                                                                                                                                                                                                                                                                  Expires: Wed, 23 Apr 2025 06:56:26 GMT
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Wed, 03 Apr 2024 14:36:44 GMT
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:32 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2617
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC2415INData Raw: ef bb bf 49 6e 73 69 67 68 74 49 6e 69 74 53 63 72 69 70 74 20 3d 20 7b 20 5f 73 65 74 74 69 6e 67 73 3a 20 6e 75 6c 6c 2c 20 5f 63 6c 69 65 6e 74 3a 20 6e 75 6c 6c 2c 20 5f 63 72 65 61 74 65 43 6c 69 65 6e 74 3a 20 66 75 6e 63 74 69 6f 6e 20 28 74 29 20 7b 20 49 6e 73 69 67 68 74 49 6e 69 74 53 63 72 69 70 74 2e 5f 63 6c 69 65 6e 74 20 3d 20 6e 65 77 20 73 66 44 61 74 61 49 6e 74 65 6c 6c 2e 43 6c 69 65 6e 74 28 7b 20 61 70 69 4b 65 79 3a 20 49 6e 73 69 67 68 74 49 6e 69 74 53 63 72 69 70 74 2e 5f 73 65 74 74 69 6e 67 73 2e 61 70 69 4b 65 79 2c 20 73 6f 75 72 63 65 3a 20 49 6e 73 69 67 68 74 49 6e 69 74 53 63 72 69 70 74 2e 5f 73 65 74 74 69 6e 67 73 2e 61 70 70 6c 69 63 61 74 69 6f 6e 4e 61 6d 65 2c 20 61 70 69 53 65 72 76 65 72 55 72 6c 3a 20 49 6e 73
                                                                                                                                                                                                                                                                                                                                  Data Ascii: InsightInitScript = { _settings: null, _client: null, _createClient: function (t) { InsightInitScript._client = new sfDataIntell.Client({ apiKey: InsightInitScript._settings.apiKey, source: InsightInitScript._settings.applicationName, apiServerUrl: Ins
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC202INData Raw: 43 6c 69 65 6e 74 29 2c 20 49 6e 73 69 67 68 74 49 6e 69 74 53 63 72 69 70 74 2e 5f 63 72 65 61 74 65 43 6c 69 65 6e 74 28 54 72 61 63 6b 69 6e 67 43 6f 6e 73 65 6e 74 4d 61 6e 61 67 65 72 2e 63 61 6e 54 72 61 63 6b 43 75 72 72 65 6e 74 55 73 65 72 28 29 29 29 20 3a 20 49 6e 73 69 67 68 74 49 6e 69 74 53 63 72 69 70 74 2e 5f 63 72 65 61 74 65 43 6c 69 65 6e 74 28 21 30 29 20 7d 20 7d 2c 20 64 6f 63 75 6d 65 6e 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 69 6e 73 69 67 68 74 2d 73 64 6b 2d 72 65 61 64 79 22 2c 20 49 6e 73 69 67 68 74 49 6e 69 74 53 63 72 69 70 74 2e 6c 6f 61 64 29 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: Client), InsightInitScript._createClient(TrackingConsentManager.canTrackCurrentUser())) : InsightInitScript._createClient(!0) } }, document.addEventListener("insight-sdk-ready", InsightInitScript.load);


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  3192.168.2.74971850.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC800OUTGET /WebResource.axd?d=wnB2OjhYopty-dCFa4b2kKCIWGgLoaj0QQ4I7F_PiSysmtqnVBUtsGpmlAymZDgXEXdRjhe5BdfNkuyybLSHMhRnbzI9oh6WXC-y-EwOrJPY0qCvfWaOo0ltV4TVm8apzRlzF5O244Y4u7-m5V8Vv2yC1Tun7PurVRoOxfv28sPwY-isOJNAi7MSqc1tycGYAkqZXHU_zlVNorSTBDv4W4jemDM1&t=638477158040000000 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC500INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-javascript
                                                                                                                                                                                                                                                                                                                                  Expires: Wed, 23 Apr 2025 07:01:24 GMT
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Wed, 03 Apr 2024 14:36:44 GMT
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:32 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 7351
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC6759INData Raw: ef bb bf 76 61 72 20 70 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 4d 61 6e 61 67 65 72 20 3d 20 6e 75 6c 6c 3b 20 77 69 6e 64 6f 77 2e 73 66 43 6f 72 72 65 6c 61 74 69 6f 6e 49 64 20 3d 20 44 61 74 65 2e 6e 6f 77 28 29 2e 74 6f 53 74 72 69 6e 67 28 33 36 29 20 2b 20 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 2e 74 6f 53 74 72 69 6e 67 28 33 36 29 2e 73 75 62 73 74 72 69 6e 67 28 32 29 2c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 22 75 73 65 20 73 74 72 69 63 74 22 3b 20 76 61 72 20 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 4d 61 6e 61 67 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 74 68 69 73 2e 70 65 72 73 6f 6e 61 6c 69 7a 65 64 43 6f 6e 74 61 69 6e 65 72 73 20 3d 20 5b 5d 2c 20 74 68 69 73 2e 70 65 72 73 6f 6e 61 6c 69 7a 65 64 43 6f 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: var personalizationManager = null; window.sfCorrelationId = Date.now().toString(36) + Math.random().toString(36).substring(2), function () { "use strict"; var PersonalizationManager = function () { this.personalizedContainers = [], this.personalizedCon
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC592INData Raw: 65 2e 69 6e 64 65 78 4f 66 28 22 2e 22 2c 20 69 29 29 2c 20 31 30 29 20 7d 2c 20 69 73 44 65 73 63 65 6e 64 61 6e 74 4f 66 53 76 67 3a 20 66 75 6e 63 74 69 6f 6e 20 28 65 29 20 7b 20 66 6f 72 20 28 3b 20 65 3b 29 20 7b 20 69 66 20 28 22 73 76 67 22 20 3d 3d 3d 20 65 2e 74 61 67 4e 61 6d 65 29 20 72 65 74 75 72 6e 20 21 30 3b 20 65 20 3d 20 65 2e 70 61 72 65 6e 74 4e 6f 64 65 20 7d 20 72 65 74 75 72 6e 20 21 31 20 7d 20 7d 2c 20 70 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 4d 61 6e 61 67 65 72 20 3d 20 6e 65 77 20 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 4d 61 6e 61 67 65 72 2c 20 77 69 6e 64 6f 77 2e 6a 51 75 65 72 79 29 20 6a 51 75 65 72 79 28 64 6f 63 75 6d 65 6e 74 29 2e 72 65 61 64 79 28 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 70 65 72 73 6f 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e.indexOf(".", i)), 10) }, isDescendantOfSvg: function (e) { for (; e;) { if ("svg" === e.tagName) return !0; e = e.parentNode } return !1 } }, personalizationManager = new PersonalizationManager, window.jQuery) jQuery(document).ready(function () { person


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  4192.168.2.749722104.19.178.524437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC573OUTGET /consent/3dfce4f2-dab6-4128-9f33-df7e0597da82/otSDKStub.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC902INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:32 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-javascript
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  CF-Ray: 8791a2e45fd209ff-LAS
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Age: 15780
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=86400
                                                                                                                                                                                                                                                                                                                                  Expires: Wed, 24 Apr 2024 23:29:32 GMT
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Thu, 11 Apr 2024 13:50:47 GMT
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                  Content-MD5: 1C7BuQ3LGAlBcdxyvs3Sgw==
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                  x-ms-request-id: 476a36e8-e01e-007a-8017-8c24c3000000
                                                                                                                                                                                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC467INData Raw: 31 62 65 63 0d 0a 28 66 75 6e 63 74 69 6f 6e 28 77 29 7b 66 75 6e 63 74 69 6f 6e 20 78 28 29 7b 76 61 72 20 61 3d 74 68 69 73 3b 74 68 69 73 2e 69 6d 70 6c 65 6d 65 6e 74 54 68 65 50 6f 6c 79 66 69 6c 6c 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 62 3d 45 6c 65 6d 65 6e 74 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 3b 45 6c 65 6d 65 6e 74 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 3d 66 75 6e 63 74 69 6f 6e 28 63 2c 64 29 7b 69 66 28 22 73 74 79 6c 65 22 21 3d 3d 63 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 26 26 62 2e 61 70 70 6c 79 28 74 68 69 73 2c 5b 63 2c 64 5d 29 2c 22 73 74 79 6c 65 22 21 3d 3d 63 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7c 7c 64 7c 7c 74 68 69 73 2e 72 65 6d 6f 76 65 41 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 1bec(function(w){function x(){var a=this;this.implementThePolyfill=function(){var b=Element.prototype.setAttribute;Element.prototype.setAttribute=function(c,d){if("style"!==c.toLowerCase()&&b.apply(this,[c,d]),"style"!==c.toLowerCase()||d||this.removeAt
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC1369INData Raw: 26 28 6c 2b 3d 22 3b 22 29 2c 6c 2e 74 72 69 6d 28 29 29 3a 6e 75 6c 6c 7d 76 6f 69 64 20 30 3d 3d 3d 63 26 26 28 63 3d 0a 21 31 29 3b 76 61 72 20 66 3d 64 28 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 73 74 79 6c 65 22 29 29 2c 67 3d 64 28 62 29 3b 62 3d 22 22 3b 62 3d 63 26 26 66 3f 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 6c 3d 66 2e 73 70 6c 69 74 28 22 3b 22 29 2e 63 6f 6e 63 61 74 28 67 2e 73 70 6c 69 74 28 22 3b 22 29 29 2e 66 69 6c 74 65 72 28 66 75 6e 63 74 69 6f 6e 28 42 29 7b 72 65 74 75 72 6e 20 30 21 3d 3d 42 2e 6c 65 6e 67 74 68 7d 29 2c 6d 3d 22 22 2c 6e 3d 22 22 2c 72 3d 6c 2e 6c 65 6e 67 74 68 2d 31 3b 30 3c 3d 72 3b 72 2d 2d 29 7b 76 61 72 20 79 3d 6c 5b 72 5d 2e 73 75 62 73 74 72 69 6e 67 28 30 2c 6c 5b 72 5d 2e 69
                                                                                                                                                                                                                                                                                                                                  Data Ascii: &(l+=";"),l.trim()):null}void 0===c&&(c=!1);var f=d(a.getAttribute("style")),g=d(b);b="";b=c&&f?function(){for(var l=f.split(";").concat(g.split(";")).filter(function(B){return 0!==B.length}),m="",n="",r=l.length-1;0<=r;r--){var y=l[r].substring(0,l[r].i
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC1369INData Raw: 2e 31 31 2e 30 2f 22 2b 65 2e 62 61 6e 6e 65 72 53 63 72 69 70 74 4e 61 6d 65 29 3a 28 65 2e 69 73 4d 69 67 72 61 74 65 64 55 52 4c 26 26 28 64 2e 73 72 63 3d 65 2e 73 74 6f 72 61 67 65 42 61 73 65 55 52 4c 2b 22 2f 73 63 72 69 70 74 74 65 6d 70 6c 61 74 65 73 2f 22 2b 65 2e 73 74 75 62 46 69 6c 65 4e 61 6d 65 2b 22 2e 6a 73 22 29 2c 65 2e 73 74 6f 72 61 67 65 42 61 73 65 55 52 4c 2b 22 2f 73 63 72 69 70 74 74 65 6d 70 6c 61 74 65 73 2f 22 2b 62 2e 56 65 72 73 69 6f 6e 2b 22 2f 22 2b 65 2e 62 61 6e 6e 65 72 53 63 72 69 70 74 4e 61 6d 65 29 3b 22 63 68 61 72 73 65 74 20 64 61 74 61 2d 6c 61 6e 67 75 61 67 65 20 64 61 74 61 2d 64 6f 63 75 6d 65 6e 74 2d 6c 61 6e 67 75 61 67 65 20 64 61 74 61 2d 64 6f 6d 61 69 6e 2d 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: .11.0/"+e.bannerScriptName):(e.isMigratedURL&&(d.src=e.storageBaseURL+"/scripttemplates/"+e.stubFileName+".js"),e.storageBaseURL+"/scripttemplates/"+b.Version+"/"+e.bannerScriptName);"charset data-language data-document-language data-domain-script crossor
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC1369INData Raw: 0a 28 62 2e 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 3f 61 2e 61 64 64 4c 6f 63 61 74 6f 72 28 22 43 4d 50 22 29 3a 73 65 74 54 69 6d 65 6f 75 74 28 61 2e 61 64 64 49 61 62 46 72 61 6d 65 2c 35 29 29 7d 3b 74 68 69 73 2e 61 64 64 42 61 63 6b 77 61 72 64 49 61 62 46 72 61 6d 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 62 3d 77 69 6e 64 6f 77 3b 21 62 2e 66 72 61 6d 65 73 2e 5f 5f 74 63 66 61 70 69 4c 6f 63 61 74 6f 72 26 26 28 62 2e 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 3f 61 2e 61 64 64 4c 6f 63 61 74 6f 72 28 22 54 43 46 22 29 3a 73 65 74 54 69 6d 65 6f 75 74 28 61 2e 61 64 64 49 61 62 46 72 61 6d 65 2c 35 29 29 7d 3b 74 68 69 73 2e 61 64 64 4c 6f 63 61 74 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 63 3d 77 69 6e 64 6f 77 2c 64 3d 63
                                                                                                                                                                                                                                                                                                                                  Data Ascii: (b.document.body?a.addLocator("CMP"):setTimeout(a.addIabFrame,5))};this.addBackwardIabFrame=function(){var b=window;!b.frames.__tcfapiLocator&&(b.document.body?a.addLocator("TCF"):setTimeout(a.addIabFrame,5))};this.addLocator=function(b){var c=window,d=c
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC1369INData Raw: 72 20 63 2c 64 3b 76 6f 69 64 20 30 3d 3d 3d 63 26 26 28 63 3d 21 31 29 3b 62 26 26 28 64 3d 21 28 63 3d 7b 7d 29 2c 22 49 41 42 32 22 21 3d 3d 61 2e 69 61 62 54 79 70 65 26 26 22 49 41 42 32 56 32 22 21 3d 3d 61 2e 69 61 62 54 79 70 65 7c 7c 28 63 3d 7b 67 64 70 72 41 70 70 6c 69 65 73 3a 65 2e 6f 6e 65 54 72 75 73 74 49 41 42 67 64 70 72 41 70 70 6c 69 65 73 47 6c 6f 62 61 6c 6c 79 2c 63 6d 70 4c 6f 61 64 65 64 3a 21 31 2c 63 6d 70 53 74 61 74 75 73 3a 22 73 74 75 62 22 2c 0a 64 69 73 70 6c 61 79 53 74 61 74 75 73 3a 22 73 74 75 62 22 2c 61 70 69 56 65 72 73 69 6f 6e 3a 22 32 2e 30 22 2c 63 6d 70 56 65 72 73 69 6f 6e 3a 76 6f 69 64 20 30 2c 63 6d 70 49 64 3a 76 6f 69 64 20 30 2c 67 76 6c 56 65 72 73 69 6f 6e 3a 76 6f 69 64 20 30 2c 74 63 66 50 6f 6c 69
                                                                                                                                                                                                                                                                                                                                  Data Ascii: r c,d;void 0===c&&(c=!1);b&&(d=!(c={}),"IAB2"!==a.iabType&&"IAB2V2"!==a.iabType||(c={gdprApplies:e.oneTrustIABgdprAppliesGlobally,cmpLoaded:!1,cmpStatus:"stub",displayStatus:"stub",apiVersion:"2.0",cmpVersion:void 0,cmpId:void 0,gvlVersion:void 0,tcfPoli
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC1213INData Raw: 63 74 76 31 22 3b 68 2e 55 43 50 41 3d 22 75 73 75 74 76 31 22 3b 68 2e 49 41 42 32 56 32 3d 22 74 63 66 65 75 76 32 22 3b 28 68 3d 76 3d 76 7c 7c 7b 7d 29 5b 68 2e 43 50 52 41 3d 38 5d 3d 22 43 50 52 41 22 3b 68 5b 68 2e 43 43 50 41 3d 38 5d 3d 22 43 43 50 41 22 3b 68 5b 68 2e 43 44 50 41 3d 39 5d 3d 22 43 44 50 41 22 3b 68 5b 68 2e 55 53 4e 41 54 49 4f 4e 41 4c 3d 37 5d 3d 22 55 53 4e 41 54 49 4f 4e 41 4c 22 3b 68 5b 68 2e 43 4f 4c 4f 52 41 44 4f 3d 31 30 5d 3d 22 43 4f 4c 4f 52 41 44 4f 22 3b 68 5b 68 2e 55 43 50 41 3d 31 31 5d 3d 22 55 43 50 41 22 3b 68 5b 68 2e 43 54 44 50 41 3d 31 32 5d 3d 22 43 54 44 50 41 22 3b 68 5b 68 2e 49 41 42 32 56 32 3d 32 5d 3d 22 49 41 42 32 56 32 22 3b 76 61 72 20 43 3d 28 70 2e 4e 61 6d 65 2c 22 50 52 4f 44 55 43 54 49
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ctv1";h.UCPA="usutv1";h.IAB2V2="tcfeuv2";(h=v=v||{})[h.CPRA=8]="CPRA";h[h.CCPA=8]="CCPA";h[h.CDPA=9]="CDPA";h[h.USNATIONAL=7]="USNATIONAL";h[h.COLORADO=10]="COLORADO";h[h.UCPA=11]="UCPA";h[h.CTDPA=12]="CTDPA";h[h.IAB2V2=2]="IAB2V2";var C=(p.Name,"PRODUCTI
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC1369INData Raw: 33 35 36 61 0d 0a 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6d 65 73 73 61 67 65 22 2c 61 2e 6d 65 73 73 61 67 65 48 61 6e 64 6c 65 72 2c 21 31 29 2c 61 2e 61 64 64 46 72 61 6d 65 28 61 2e 4c 4f 43 41 54 4f 52 5f 4e 41 4d 45 29 29 7d 3b 74 68 69 73 2e 72 65 6d 6f 76 65 47 70 70 41 70 69 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 64 65 6c 65 74 65 20 61 2e 77 69 6e 2e 5f 5f 67 70 70 3b 0a 76 61 72 20 62 3d 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 69 66 72 61 6d 65 5b 6e 61 6d 65 5c 78 33 64 22 2b 61 2e 4c 4f 43 41 54 4f 52 5f 4e 41 4d 45 2b 22 5d 22 29 5b 30 5d 3b 62 26 26 62 2e 70 61 72 65 6e 74 45 6c 65 6d 65 6e 74 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 62 29 7d 3b 74 68 69 73 2e 65 78 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 356awindow.addEventListener("message",a.messageHandler,!1),a.addFrame(a.LOCATOR_NAME))};this.removeGppApi=function(){delete a.win.__gpp;var b=document.querySelectorAll("iframe[name\x3d"+a.LOCATOR_NAME+"]")[0];b&&b.parentElement.removeChild(b)};this.exe
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC1369INData Raw: 6d 65 73 5b 62 5d 7c 7c 28 64 2e 62 6f 64 79 3f 28 28 63 3d 64 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 69 66 72 61 6d 65 22 29 29 2e 73 74 79 6c 65 2e 63 73 73 54 65 78 74 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 2c 63 2e 6e 61 6d 65 3d 62 2c 63 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 74 69 74 6c 65 22 2c 22 47 50 50 20 4c 6f 63 61 74 6f 72 22 29 2c 64 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 63 29 29 3a 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 61 2e 61 64 64 46 72 61 6d 65 28 62 29 7d 2c 35 29 29 7d 3b 74 68 69 73 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 76 61 72 20 64 3d 61 2e 77 69 6e 2e 5f 5f 67 70 70 3b 72 65 74 75 72 6e 20 64 2e 65 76 65 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: mes[b]||(d.body?((c=d.createElement("iframe")).style.cssText="display:none",c.name=b,c.setAttribute("title","GPP Locator"),d.body.appendChild(c)):setTimeout(function(){a.addFrame(b)},5))};this.addEventListener=function(b,c){var d=a.win.__gpp;return d.even
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC1369INData Raw: 68 69 73 2e 66 65 74 63 68 42 61 6e 6e 65 72 53 44 4b 44 65 70 65 6e 64 65 6e 63 79 28 29 3b 74 68 69 73 2e 63 61 70 74 75 72 65 4e 6f 6e 63 65 28 29 7d 2c 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 63 61 70 74 75 72 65 4e 6f 6e 63 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 6e 6f 6e 63 65 3d 65 2e 73 74 75 62 53 63 72 69 70 74 45 6c 65 6d 65 6e 74 2e 6e 6f 6e 63 65 7c 7c 65 2e 73 74 75 62 53 63 72 69 70 74 45 6c 65 6d 65 6e 74 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 6e 6f 6e 63 65 22 29 7c 7c 6e 75 6c 6c 7d 2c 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 66 65 74 63 68 42 61 6e 6e 65 72 53 44 4b 44 65 70 65 6e 64 65 6e 63 79 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 73 65 74 44 6f 6d 61 69 6e 44 61 74 61 46 69 6c 65 55 52 4c 28 29 3b 74 68 69 73
                                                                                                                                                                                                                                                                                                                                  Data Ascii: his.fetchBannerSDKDependency();this.captureNonce()},k.prototype.captureNonce=function(){this.nonce=e.stubScriptElement.nonce||e.stubScriptElement.getAttribute("nonce")||null},k.prototype.fetchBannerSDKDependency=function(){this.setDomainDataFileURL();this
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC1369INData Raw: 6e 64 6f 77 3b 63 2e 4f 6e 65 54 72 75 73 74 26 26 63 2e 4f 6e 65 54 72 75 73 74 2e 67 65 6f 6c 6f 63 61 74 69 6f 6e 52 65 73 70 6f 6e 73 65 3f 28 63 3d 63 2e 4f 6e 65 54 72 75 73 74 2e 67 65 6f 6c 6f 63 61 74 69 6f 6e 52 65 73 70 6f 6e 73 65 2c 74 68 69 73 2e 73 65 74 47 65 6f 4c 6f 63 61 74 69 6f 6e 28 63 2e 63 6f 75 6e 74 72 79 43 6f 64 65 2c 0a 63 2e 73 74 61 74 65 43 6f 64 65 29 2c 74 68 69 73 2e 61 64 64 42 61 6e 6e 65 72 53 44 4b 53 63 72 69 70 74 28 61 29 29 3a 28 63 3d 74 68 69 73 2e 72 65 61 64 43 6f 6f 6b 69 65 50 61 72 61 6d 28 65 2e 6f 70 74 61 6e 6f 6e 43 6f 6f 6b 69 65 4e 61 6d 65 2c 65 2e 67 65 6f 6c 6f 63 61 74 69 6f 6e 43 6f 6f 6b 69 65 73 50 61 72 61 6d 29 29 7c 7c 61 2e 53 6b 69 70 47 65 6f 6c 6f 63 61 74 69 6f 6e 3f 28 62 3d 63 2e 73
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ndow;c.OneTrust&&c.OneTrust.geolocationResponse?(c=c.OneTrust.geolocationResponse,this.setGeoLocation(c.countryCode,c.stateCode),this.addBannerSDKScript(a)):(c=this.readCookieParam(e.optanonCookieName,e.geolocationCookiesParam))||a.SkipGeolocation?(b=c.s


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  5192.168.2.74971950.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC800OUTGET /WebResource.axd?d=NjxTqR2bqTw1rewxxlkHPoKtHrXAWC0HAaoiA_KkRcUyXkV02CSw2viy3BbwqQQWnOeUM4JljOrJ6SdN8P6xkcmc02D5IE0_hoR3ujKOHMUMV0D80Ax-2HQgUBn3JFGVcQMIptO-sbrJg4UhPcfKleFkBd3KXta5g771qRLz1--cqQWHZet4VERXE7zwP_V-_reX4bmQVhWS6yxLXOsj2Tnqll01&t=638477158040000000 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC500INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-javascript
                                                                                                                                                                                                                                                                                                                                  Expires: Wed, 23 Apr 2025 07:06:25 GMT
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Wed, 03 Apr 2024 14:36:44 GMT
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:32 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 4191
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC3863INData Raw: ef bb bf 76 61 72 20 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 54 72 61 63 6b 65 72 20 3d 20 6e 75 6c 6c 3b 20 21 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 22 75 73 65 20 73 74 72 69 63 74 22 3b 20 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 54 72 61 63 6b 65 72 20 3d 20 7b 20 5f 63 61 6e 54 72 61 63 6b 3a 20 21 31 2c 20 5f 70 61 67 65 49 64 3a 20 6e 75 6c 6c 2c 20 5f 75 72 6c 3a 20 21 31 2c 20 74 72 61 63 6b 3a 20 66 75 6e 63 74 69 6f 6e 20 28 65 29 20 7b 20 69 66 20 28 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 54 72 61 63 6b 65 72 2e 5f 63 61 6e 54 72 61 63 6b 20 3d 20 65 2c 20 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 54 72 61 63 6b 65 72 2e 5f 63 61 6e 54 72 61 63 6b 29 20 7b 20 69 66 20 28 21 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 54
                                                                                                                                                                                                                                                                                                                                  Data Ascii: var PersonalizationTracker = null; !function () { "use strict"; PersonalizationTracker = { _canTrack: !1, _pageId: null, _url: !1, track: function (e) { if (PersonalizationTracker._canTrack = e, PersonalizationTracker._canTrack) { if (!PersonalizationT
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC328INData Raw: 6e 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 28 21 30 29 3b 20 76 61 72 20 65 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 54 72 61 63 6b 65 72 22 29 2c 20 72 20 3d 20 4a 53 4f 4e 2e 70 61 72 73 65 28 65 2e 69 6e 6e 65 72 54 65 78 74 29 3b 20 69 66 20 28 21 72 29 20 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 20 74 72 61 63 6b 65 72 20 61 72 67 75 6d 65 6e 74 73 20 61 72 65 20 77 72 6f 6e 67 21 22 29 3b 20 72 2e 49 73 50 61 67 65 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 54 61 72 67 65 74 20 26 26 20 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 50 61 67 65 28 72 2e 50 61 67 65 49 64
                                                                                                                                                                                                                                                                                                                                  Data Ascii: nTracker.track(!0); var e = document.getElementById("PersonalizationTracker"), r = JSON.parse(e.innerText); if (!r) throw new Error("Personalization tracker arguments are wrong!"); r.IsPagePersonalizationTarget && PersonalizationTracker.trackPage(r.PageId


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  6192.168.2.74972913.226.251.884437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC592OUTGET /fonts/2.2.7/metric/Metric-Light.woff2 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: d6vtbcy3ong79.cloudfront.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: font
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC503INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: font/woff2
                                                                                                                                                                                                                                                                                                                                  Content-Length: 34032
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,max-age=31536000
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Wed, 10 Apr 2024 08:36:16 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Date: Mon, 22 Apr 2024 10:38:46 GMT
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 6aaf927e424e83f0c17de5d680c855c0.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX50-C3
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: MXv9dd4k0LWpPOE-Lwa6kznqeTRqxvaPoYGDLJJdlj7S5gWbbHBYrA==
                                                                                                                                                                                                                                                                                                                                  Age: 132645
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC16384INData Raw: 77 4f 46 32 00 01 00 00 00 00 84 f0 00 13 00 00 00 01 99 d8 00 00 83 4a 00 01 00 83 00 00 83 b4 00 00 01 3c 00 00 03 36 00 00 00 00 00 00 00 00 1b 81 90 3e 1c 96 0e 14 83 52 06 60 16 8b 60 00 8b 16 08 52 09 82 73 11 14 0a 83 eb 20 83 be 33 12 bd 58 01 36 02 24 03 8e 1a 0b 87 1e 00 04 20 05 8e 35 07 99 02 0c 84 56 5b 78 7e 91 04 d9 6e f7 83 17 94 0a b7 0d 00 ce be fe 5a d9 e7 00 db a6 c5 cf 6e 1b 01 92 7f 1e 5d 5c 46 09 de 74 0b b9 9d 27 1a 75 bc 6f f6 ff ff ff ff 7f 76 52 19 43 db 00 69 0b a8 8a ce dd b9 fd ff 85 62 42 65 14 0f 93 da 7a 9f 64 a6 84 74 60 b6 18 20 17 02 26 ac 90 b2 e9 c1 ea e6 60 8f 70 19 56 85 e1 3e b8 44 a5 eb b6 98 d3 19 73 18 bb 87 1b 27 6f 42 d5 1a 5e 0e 48 39 10 73 32 95 f2 e8 32 d6 94 28 8a 62 8a 3b d1 bc 34 75 da 36 f5 e4 41 48 66
                                                                                                                                                                                                                                                                                                                                  Data Ascii: wOF2J<6>R``Rs 3X6$ 5V[x~nZn]\Ft'uovRCibBezdt` &`pV>Ds'oB^H9s22(b;4u6AHf
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 9d b2 32 5d 8a 07 16 82 c3 a2 7d bd 4f 63 c3 81 db 41 38 c0 56 4d 1d 5b 02 97 da af b2 e1 bb 31 34 ce b8 cd 60 8a 7f c9 f6 cf e6 bb 09 b7 02 f3 a9 31 3a 37 7d 51 3d d3 c4 6c 9a 61 fc a5 a2 14 c1 2c 63 d6 fa be e0 ab 35 7c be e6 6b a0 a6 aa d5 9b 6e f4 d8 59 87 56 82 5e 10 60 06 63 ac d1 00 7b b1 67 87 1e 08 40 45 be e0 0d 6e 8f c0 73 01 1a a2 e5 e5 86 db 7e 84 ff 64 e7 18 5c 49 8a 00 7e 21 14 41 24 04 86 e2 02 09 44 04 d2 f7 3d 7f bf 6f 7c 7d be f1 f3 7f 0f 1c e0 56 5f cb 6a 8d 50 04 22 22 c8 11 19 60 46 05 b9 62 0f 7f 52 c3 bb f8 13 d0 39 ac 66 db 09 34 7e b7 b8 88 26 36 94 25 69 19 c9 7a b1 36 68 e2 2d 20 5b 98 28 6e be 96 48 55 57 a1 7d 58 dc ee d8 3c 41 2e 72 93 98 a4 6b 3f ae 25 76 bf ac 7c f6 cc 79 64 d6 ce 4c 01 dd d9 cf 80 52 f7 42 ed 38 92 d2 5e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 2]}OcA8VM[14`1:7}Q=la,c5|knYV^`c{g@Ens~d\I~!A$D=o|}V_jP""`FbR9f4~&6%iz6h- [(nHUW}X<A.rk?%v|ydLRB8^
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1264INData Raw: 72 8e 75 20 b6 80 d5 72 3b 02 4e bd ef 35 69 0d a8 6e 8e 02 d2 a6 49 0c 63 b6 0d a0 ea 30 18 8b a8 33 6e 29 57 c5 aa 34 ea 33 ea a2 c9 aa 75 a8 7e d5 92 56 59 db b6 bc 57 cd 49 16 40 3b b4 cd 56 d7 ae db 61 8f 1a 26 c0 04 f9 56 6b d5 67 2e 65 8e ed 01 25 1a 93 0a af 3b cc b5 dd 9d e3 01 45 32 f2 ef ec 78 90 6b 0b fe 98 e3 d8 d3 09 06 87 7d cf c9 61 12 4a 2e 98 12 19 7b e6 44 3c b9 09 e4 d0 0b a8 77 41 91 fc 46 66 9f 97 72 f1 f6 4d 4a 7f bd f8 f7 c6 30 df aa 96 85 2b 0f 77 e8 7c d7 0d a8 61 af 2c fd bf 5c b4 57 18 5f 84 a4 df 11 94 cc 43 b4 92 ee 06 36 dd 50 67 bb e5 3e 9c 4c 3a 8d 5a fb 21 e2 7a 9b fa d8 b3 ab 0a 0a 19 fb 8e d8 b0 2d 52 b6 3b 2c 76 cb 7c 07 0c c1 8a 73 af 06 af d9 4d 3e ea 30 b7 63 ac 4d 85 36 88 6e e4 4e 33 b3 a3 d8 02 50 11 c1 a6 7e 51
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ru r;N5inIc03n)W43u~VYWI@;Va&Vkg.e%;E2xk}aJ.{D<wAFfrMJ0+w|a,\W_C6Pg>L:Z!z-R;,v|sM>0cM6nN3P~Q


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  7192.168.2.749721104.17.25.144437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC555OUTGET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: cdnjs.cloudflare.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC956INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:33 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=30672000
                                                                                                                                                                                                                                                                                                                                  ETag: W/"64ed75bb-76fe"
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Tue, 29 Aug 2023 04:36:11 GMT
                                                                                                                                                                                                                                                                                                                                  cf-cdnjs-via: cfworker/kv
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: MISS
                                                                                                                                                                                                                                                                                                                                  Expires: Sun, 13 Apr 2025 23:29:32 GMT
                                                                                                                                                                                                                                                                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u7BqeHplpVblr51rEMF%2F4MllghpcXGITHJsZsPCGUoH%2FRVyptb5CpX7ZuIoB%2BRU7eaU%2BApt%2F1ZUgePG%2Bf7FaKpYZ%2BXhnBzno61Ns5wBMLjHr70Maa%2F1Fbudc6bZjphBcHhMFh3Ms"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                  NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=15780000
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  CF-RAY: 8791a2e45d5c09f3-LAS
                                                                                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC413INData Raw: 37 62 66 35 0d 0a 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 37 2e 31 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 7bf5/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Erro
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 6f 74 79 70 65 4f 66 2c 61 65 3d 6f 65 2e 73 6c 69 63 65 2c 67 3d 6f 65 2e 66 6c 61 74 3f 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6f 65 2e 66 6c 61 74 2e 63 61 6c 6c 28 65 29 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6f 65 2e 63 6f 6e 63 61 74 2e 61 70 70 6c 79 28 5b 5d 2c 65 29 7d 2c 73 3d 6f 65 2e 70 75 73 68 2c 73 65 3d 6f 65 2e 69 6e 64 65 78 4f 66 2c 6e 3d 7b 7d 2c 69 3d 6e 2e 74 6f 53 74 72 69 6e 67 2c 75 65 3d 6e 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2c 6f 3d 75 65 2e 74 6f 53 74 72 69 6e 67 2c 61 3d 6f 2e 63 61 6c 6c 28 4f 62 6a 65 63 74 29 2c 6c 65 3d 7b 7d 2c 76 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 22 6e 75 6d 62 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: otypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"numbe
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 74 2c 65 29 7d 29 29 7d 2c 73 6c 69 63 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 61 65 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 29 7d 2c 66 69 72 73 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 71 28 30 29 7d 2c 6c 61 73 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 71 28 2d 31 29 7d 2c 65 76 65 6e 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 63 65 2e 67 72 65 70 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 28 74 2b 31 29 25 32 7d 29 29 7d 2c 6f 64 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69
                                                                                                                                                                                                                                                                                                                                  Data Ascii: t,e)}))},slice:function(){return this.pushStack(ae.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},even:function(){return this.pushStack(ce.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return thi
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 2c 65 61 63 68 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 30 3b 69 66 28 63 28 65 29 29 7b 66 6f 72 28 6e 3d 65 2e 6c 65 6e 67 74 68 3b 72 3c 6e 3b 72 2b 2b 29 69 66 28 21 31 3d 3d 3d 74 2e 63 61 6c 6c 28 65 5b 72 5d 2c 72 2c 65 5b 72 5d 29 29 62 72 65 61 6b 7d 65 6c 73 65 20 66 6f 72 28 72 20 69 6e 20 65 29 69 66 28 21 31 3d 3d 3d 74 2e 63 61 6c 6c 28 65 5b 72 5d 2c 72 2c 65 5b 72 5d 29 29 62 72 65 61 6b 3b 72 65 74 75 72 6e 20 65 7d 2c 74 65 78 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 2c 6e 3d 22 22 2c 72 3d 30 2c 69 3d 65 2e 6e 6f 64 65 54 79 70 65 3b 69 66 28 21 69 29 77 68 69 6c 65 28 74 3d 65 5b 72 2b 2b 5d 29 6e 2b 3d 63 65 2e 74 65 78 74 28 74 29 3b 72 65 74 75 72 6e 20 31 3d 3d 3d 69 7c 7c 31 31 3d 3d 3d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ,each:function(e,t){var n,r=0;if(c(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},text:function(e){var t,n="",r=0,i=e.nodeType;if(!i)while(t=e[r++])n+=ce.text(t);return 1===i||11===
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 69 6e 73 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 74 26 26 74 2e 70 61 72 65 6e 74 4e 6f 64 65 3b 72 65 74 75 72 6e 20 65 3d 3d 3d 6e 7c 7c 21 28 21 6e 7c 7c 31 21 3d 3d 6e 2e 6e 6f 64 65 54 79 70 65 7c 7c 21 28 65 2e 63 6f 6e 74 61 69 6e 73 3f 65 2e 63 6f 6e 74 61 69 6e 73 28 6e 29 3a 65 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 26 26 31 36 26 65 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 6e 29 29 29 7d 3b 76 61 72 20 66 3d 2f 28 5b 5c 30 2d 5c 78 31 66 5c 78 37 66 5d 7c 5e 2d 3f 5c 64 29 7c 5e 2d 24 7c 5b 5e 5c 78 38 30 2d 5c 75 46 46 46 46 5c 77 2d 5d 2f 67 3b 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 3f 22 5c 30 22 3d 3d 3d 65 3f 22 5c 75
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ins=function(e,t){var n=t&&t.parentNode;return e===n||!(!n||1!==n.nodeType||!(e.contains?e.contains(n):e.compareDocumentPosition&&16&e.compareDocumentPosition(n)))};var f=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\x80-\uFFFF\w-]/g;function p(e,t){return t?"\0"===e?"\u
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 28 5c 5c 64 2a 29 6e 7c 29 22 2b 67 65 2b 22 2a 28 3f 3a 28 5b 2b 2d 5d 7c 29 22 2b 67 65 2b 22 2a 28 5c 5c 64 2b 29 7c 29 29 22 2b 67 65 2b 22 2a 5c 5c 29 7c 29 22 2c 22 69 22 29 2c 62 6f 6f 6c 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 28 3f 3a 22 2b 66 2b 22 29 24 22 2c 22 69 22 29 2c 6e 65 65 64 73 43 6f 6e 74 65 78 74 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 67 65 2b 22 2a 5b 3e 2b 7e 5d 7c 3a 28 65 76 65 6e 7c 6f 64 64 7c 65 71 7c 67 74 7c 6c 74 7c 6e 74 68 7c 66 69 72 73 74 7c 6c 61 73 74 29 28 3f 3a 5c 5c 28 22 2b 67 65 2b 22 2a 28 28 3f 3a 2d 5c 5c 64 29 3f 5c 5c 64 2a 29 22 2b 67 65 2b 22 2a 5c 5c 29 7c 29 28 3f 3d 5b 5e 2d 5d 7c 24 29 22 2c 22 69 22 29 7d 2c 4e 3d 2f 5e 28 3f 3a 69 6e 70 75 74 7c 73 65 6c 65 63 74 7c 74 65 78 74 61 72 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: (\\d*)n|)"+ge+"*(?:([+-]|)"+ge+"*(\\d+)|))"+ge+"*\\)|)","i"),bool:new RegExp("^(?:"+f+")$","i"),needsContext:new RegExp("^"+ge+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+ge+"*((?:-\\d)?\\d*)"+ge+"*\\)|)(?=[^-]|$)","i")},N=/^(?:input|select|textare
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 29 7b 69 66 28 63 3d 74 2c 66 3d 65 2c 31 3d 3d 3d 70 26 26 28 78 2e 74 65 73 74 28 74 29 7c 7c 6d 2e 74 65 73 74 28 74 29 29 29 7b 28 66 3d 48 2e 74 65 73 74 28 74 29 26 26 55 28 65 2e 70 61 72 65 6e 74 4e 6f 64 65 29 7c 7c 65 29 3d 3d 65 26 26 6c 65 2e 73 63 6f 70 65 7c 7c 28 28 73 3d 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 29 29 3f 73 3d 63 65 2e 65 73 63 61 70 65 53 65 6c 65 63 74 6f 72 28 73 29 3a 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 2c 73 3d 53 29 29 2c 6f 3d 28 6c 3d 59 28 74 29 29 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 6f 2d 2d 29 6c 5b 6f 5d 3d 28 73 3f 22 23 22 2b 73 3a 22 3a 73 63 6f 70 65 22 29 2b 22 20 22 2b 51 28 6c 5b 6f 5d 29 3b 63 3d 6c 2e 6a 6f 69 6e 28 22 2c 22 29 7d 74 72 79 7b 72 65 74 75 72 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ){if(c=t,f=e,1===p&&(x.test(t)||m.test(t))){(f=H.test(t)&&U(e.parentNode)||e)==e&&le.scope||((s=e.getAttribute("id"))?s=ce.escapeSelector(s):e.setAttribute("id",s=S)),o=(l=Y(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+Q(l[o]);c=l.join(",")}try{return
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 6d 65 6e 74 26 26 28 72 3d 28 54 3d 6e 29 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2c 43 3d 21 63 65 2e 69 73 58 4d 4c 44 6f 63 28 54 29 2c 69 3d 72 2e 6d 61 74 63 68 65 73 7c 7c 72 2e 77 65 62 6b 69 74 4d 61 74 63 68 65 73 53 65 6c 65 63 74 6f 72 7c 7c 72 2e 6d 73 4d 61 74 63 68 65 73 53 65 6c 65 63 74 6f 72 2c 72 2e 6d 73 4d 61 74 63 68 65 73 53 65 6c 65 63 74 6f 72 26 26 79 65 21 3d 54 26 26 28 74 3d 54 2e 64 65 66 61 75 6c 74 56 69 65 77 29 26 26 74 2e 74 6f 70 21 3d 3d 74 26 26 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 75 6e 6c 6f 61 64 22 2c 4d 29 2c 6c 65 2e 67 65 74 42 79 49 64 3d 24 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 72 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 29 2e 69 64 3d 63 65 2e 65 78 70 61
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ment&&(r=(T=n).documentElement,C=!ce.isXMLDoc(T),i=r.matches||r.webkitMatchesSelector||r.msMatchesSelector,r.msMatchesSelector&&ye!=T&&(t=T.defaultView)&&t.top!==t&&t.addEventListener("unload",M),le.getById=$(function(e){return r.appendChild(e).id=ce.expa
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 26 26 43 29 72 65 74 75 72 6e 20 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 28 65 29 7d 2c 64 3d 5b 5d 2c 24 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3b 72 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 29 2e 69 6e 6e 65 72 48 54 4d 4c 3d 22 3c 61 20 69 64 3d 27 22 2b 53 2b 22 27 20 68 72 65 66 3d 27 27 20 64 69 73 61 62 6c 65 64 3d 27 64 69 73 61 62 6c 65 64 27 3e 3c 2f 61 3e 3c 73 65 6c 65 63 74 20 69 64 3d 27 22 2b 53 2b 22 2d 5c 72 5c 5c 27 20 64 69 73 61 62 6c 65 64 3d 27 64 69 73 61 62 6c 65 64 27 3e 3c 6f 70 74 69 6f 6e 20 73 65 6c 65 63 74 65 64 3d 27 27 3e 3c 2f 6f 70 74 69 6f 6e 3e 3c 2f 73 65 6c 65 63 74 3e 22 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ementsByClassName&&C)return t.getElementsByClassName(e)},d=[],$(function(e){var t;r.appendChild(e).innerHTML="<a id='"+S+"' href='' disabled='disabled'></a><select id='"+S+"-\r\\' disabled='disabled'><option selected=''></option></select>",e.querySelector
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 65 6c 65 63 74 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 56 28 65 29 2c 43 26 26 21 68 5b 74 2b 22 20 22 5d 26 26 28 21 64 7c 7c 21 64 2e 74 65 73 74 28 74 29 29 29 74 72 79 7b 76 61 72 20 6e 3d 69 2e 63 61 6c 6c 28 65 2c 74 29 3b 69 66 28 6e 7c 7c 6c 65 2e 64 69 73 63 6f 6e 6e 65 63 74 65 64 4d 61 74 63 68 7c 7c 65 2e 64 6f 63 75 6d 65 6e 74 26 26 31 31 21 3d 3d 65 2e 64 6f 63 75 6d 65 6e 74 2e 6e 6f 64 65 54 79 70 65 29 72 65 74 75 72 6e 20 6e 7d 63 61 74 63 68 28 65 29 7b 68 28 74 2c 21 30 29 7d 72 65 74 75 72 6e 20 30 3c 49 28 74 2c 54 2c 6e 75 6c 6c 2c 5b 65 5d 29 2e 6c 65 6e 67 74 68 7d 2c 49 2e 63 6f 6e 74 61 69 6e 73 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: elector=function(e,t){if(V(e),C&&!h[t+" "]&&(!d||!d.test(t)))try{var n=i.call(e,t);if(n||le.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(e){h(t,!0)}return 0<I(t,T,null,[e]).length},I.contains=function(e,t){return(e.ownerDocument|


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  8192.168.2.74972413.226.251.884437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC593OUTGET /fonts/2.2.7/metric/Metric-Medium.woff2 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: d6vtbcy3ong79.cloudfront.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: font
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC502INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: font/woff2
                                                                                                                                                                                                                                                                                                                                  Content-Length: 32412
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,max-age=31536000
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Tue, 23 Apr 2024 09:45:56 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 18:13:48 GMT
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 30ffaf80b49b4df5a4a387cee5516fb8.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX50-C3
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: fAtxn4Ei7qOlIaFh97e3HWjriV3pEvLI-Mv1Ai_ZgNsDPTdznxbG2Q==
                                                                                                                                                                                                                                                                                                                                  Age: 18944
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC8949INData Raw: 77 4f 46 32 00 01 00 00 00 00 7e 9c 00 13 00 00 00 01 6a 58 00 00 7c fb 00 01 00 83 00 00 7d 64 00 00 01 38 00 00 03 38 00 00 00 00 00 00 00 00 1b 81 8a 24 1c 96 0e 14 83 5b 06 60 16 8b 60 00 8b 36 08 34 09 82 73 11 10 0a 83 91 64 82 e5 08 12 bf 24 01 36 02 24 03 8e 3e 0b 87 30 00 04 20 05 8e 3f 07 99 58 0c 82 4f 5b 03 4f 91 02 d9 6e b7 de 37 48 15 ce 13 c0 66 cd 2a fd f0 25 78 f3 c4 a4 ee 7a f9 0d f0 ed 85 41 01 c7 e1 41 77 00 7b 4a de 7b b3 c5 ff ff ff ff 9f 9d 54 64 cc 26 1b c9 c6 00 10 c0 83 aa ff e5 b2 a1 a8 f6 b5 e1 a0 b0 70 18 a3 b4 36 85 a0 f1 51 cc a5 ce b1 40 8d 31 6e 0b b6 b8 e1 0a 2b 1d 46 ee ec db 2a b6 6d 54 a2 2d 83 b8 72 ec 47 cc 39 8e 6c 35 ed b8 ff e0 d2 a0 9c 71 8f 02 45 31 94 e4 bb a8 94 ed 7a 84 04 5a 1a 9c aa 51 62 88 0b 4d 2d 15 62
                                                                                                                                                                                                                                                                                                                                  Data Ascii: wOF2~jX|}d88$[``64sd$6$>0 ?XO[On7Hf*%xzAAw{J{Td&p6Q@1n+F*mT-rG9l5qE1zZQbM-b
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 09 7e 27 b7 44 2c 9f 0c a2 b0 c7 7d 78 ac 04 c5 3f d1 12 14 8a 8a 42 83 8d d2 af 60 0d fb 7e ef d0 de ee 1b 3d 2b c8 88 50 eb fd c5 e6 f5 bb 8c f8 18 fd 57 b7 4d 47 3e 60 0a 35 f1 63 10 9d c9 fd 7f 16 e2 b4 3f 98 7a 31 53 14 62 bf d6 85 23 40 6f e1 81 4b 5a e4 e3 3c b9 7b 0b bd be b5 73 ae 45 6b 71 f0 bb 55 76 81 3c 3a 31 19 2b 43 1a 95 9c 49 c2 55 56 7c 0b ca ba 4a f3 ef 04 82 52 48 8c be 8f 8f 39 bb f3 67 71 2b 07 08 35 a4 0e c4 d4 2b 91 31 4c ef 15 da 4d fd 63 19 3a 32 08 72 16 f1 72 e6 8a 70 65 c9 ba 10 37 4c 6f 2b fc 30 69 de c7 c1 2e 47 6f 7f f5 09 3e 4c 78 d5 86 5d e4 6b 3e 7f f9 f4 62 16 e0 32 69 67 87 43 af 20 67 b0 83 0f 3b b1 f5 0a 22 9d 6d f1 b4 be 37 a8 90 6d 34 54 68 40 b5 86 07 a4 81 0f 08 20 f5 a2 51 6d 5d 66 a5 c4 a9 f6 c7 c7 b4 aa 3f f9
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ~'D,}x?B`~=+PWMG>`5c?z1Sb#@oKZ<{sEkqUv<:1+CIUV|JRH9gq+5+1LMc:2rrpe7Lo+0i.Go>Lx]k>b2igC g;"m7m4Th@ Qm]f?
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC7079INData Raw: b0 15 aa e6 00 f0 ca 5b 34 6a d4 39 e1 d1 1a fa 14 69 f2 43 31 7d 0b 6c 78 96 de 79 0d 8c 68 b2 04 12 22 dd 62 2d 52 9d 49 9a b7 16 dc 47 5a 16 38 87 70 87 33 13 fd 83 6b a9 1a f5 1c 5f 70 74 35 1f 3d 9e cb 29 42 0b 74 2a 0a c9 a9 11 ad 52 ef 39 aa 6c 7d e3 f1 2a 18 44 79 38 d0 ea 4a 32 46 a0 3c 66 e2 ea 7f 17 8e fb 63 4d ed a2 89 f3 00 ba 4b 23 74 46 78 89 dc 81 f1 0f c2 54 84 7d 45 e6 6d 66 f8 54 6d 49 95 71 a1 56 13 7c a1 16 7c 1a d3 8e c6 a3 4e 34 87 95 2e e4 6f e0 fd 79 ce 63 4a 66 3f c3 87 25 86 a9 c0 05 eb fd b0 72 1b 03 9d 1c 6d 38 c7 26 79 bf d5 50 b7 ed 58 1a 4d 17 8d 1e 60 e0 bc f3 bb 08 62 45 e0 8e 95 41 61 18 e9 ec 91 2f 1e a5 09 c6 85 78 c4 0b 54 1c 0a 24 83 6c b5 a0 2d 4b 05 f6 bc 5e 92 3d 43 d3 0f 9a b6 3a 45 6f b6 a0 80 3e cf be cd 92 21
                                                                                                                                                                                                                                                                                                                                  Data Ascii: [4j9iC1}lxyh"b-RIGZ8p3k_pt5=)Bt*R9l}*Dy8J2F<fcMK#tFxT}EmfTmIqV||N4.oycJf?%rm8&yPXM`bEAa/xT$l-K^=C:Eo>!


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  9192.168.2.749720104.17.25.144437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC571OUTGET /ajax/libs/jquery-migrate/3.4.1/jquery-migrate.min.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: cdnjs.cloudflare.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC948INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:33 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=30672000
                                                                                                                                                                                                                                                                                                                                  ETag: W/"63f822fd-1327"
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Fri, 24 Feb 2023 02:37:49 GMT
                                                                                                                                                                                                                                                                                                                                  cf-cdnjs-via: cfworker/kv
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: MISS
                                                                                                                                                                                                                                                                                                                                  Expires: Sun, 13 Apr 2025 23:29:33 GMT
                                                                                                                                                                                                                                                                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TNjXgfayUtUiwqz946hI9lVuDU1n0XENCQ44l6GbuKATrr4mi%2B3DdAxK%2BSG3CBuq0BpHpw3lWQtj7Aib0Ip1nfKEpjv2xc4dl5jwjLcBrsYgsVpyO46JPlHwjOqUvFH02M%2Fz%2Fc57"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                  NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=15780000
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  CF-RAY: 8791a2e45dcd0ad7-LAS
                                                                                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC421INData Raw: 33 35 33 34 0d 0a 2f 2a 21 20 6a 51 75 65 72 79 20 4d 69 67 72 61 74 65 20 76 33 2e 34 2e 31 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 6a 51 75 65 72 79 2e 6d 69 67 72 61 74 65 4d 75 74 65 26 26 28 6a 51 75 65 72 79 2e 6d 69 67 72 61 74 65 4d 75 74 65 3d 21 30 29 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 5b 22 6a 71 75 65 72 79 22 5d 2c 66 75 6e 63 74 69 6f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 3534/*! jQuery Migrate v3.4.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */"undefined"==typeof jQuery.migrateMute&&(jQuery.migrateMute=!0),function(t){"use strict";"function"==typeof define&&define.amd?define(["jquery"],functio
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 29 7b 72 65 74 75 72 6e 20 30 3c 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 72 3d 2f 5e 28 5c 64 2b 29 5c 2e 28 5c 64 2b 29 5c 2e 28 5c 64 2b 29 2f 2c 6e 3d 72 2e 65 78 65 63 28 65 29 7c 7c 5b 5d 2c 6f 3d 72 2e 65 78 65 63 28 74 29 7c 7c 5b 5d 2c 61 3d 31 3b 61 3c 3d 33 3b 61 2b 2b 29 7b 69 66 28 2b 6f 5b 61 5d 3c 2b 6e 5b 61 5d 29 72 65 74 75 72 6e 20 31 3b 69 66 28 2b 6e 5b 61 5d 3c 2b 6f 5b 61 5d 29 72 65 74 75 72 6e 2d 31 7d 72 65 74 75 72 6e 20 30 7d 28 73 2e 66 6e 2e 6a 71 75 65 72 79 2c 65 29 7d 73 2e 6d 69 67 72 61 74 65 56 65 72 73 69 6f 6e 3d 22 33 2e 34 2e 31 22 3b 76 61 72 20 74 3d 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 28 6e 75 6c 6c 29 3b 73 2e 6d 69 67 72 61 74 65 44 69 73 61 62 6c 65 50 61 74 63 68 65 73 3d 66 75
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ){return 0<=function(e,t){for(var r=/^(\d+)\.(\d+)\.(\d+)/,n=r.exec(e)||[],o=r.exec(t)||[],a=1;a<=3;a++){if(+o[a]<+n[a])return 1;if(+n[a]<+o[a])return-1}return 0}(s.fn.jquery,e)}s.migrateVersion="3.4.1";var t=Object.create(null);s.migrateDisablePatches=fu
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 28 65 2c 74 2c 72 2c 6e 2c 6f 29 2c 30 7d 66 75 6e 63 74 69 6f 6e 20 69 28 65 2c 74 2c 72 2c 6e 29 7b 72 65 74 75 72 6e 20 61 28 65 2c 74 2c 72 2c 6e 29 2c 30 7d 73 2e 6d 69 67 72 61 74 65 44 65 64 75 70 6c 69 63 61 74 65 57 61 72 6e 69 6e 67 73 3d 21 30 2c 73 2e 6d 69 67 72 61 74 65 57 61 72 6e 69 6e 67 73 3d 5b 5d 2c 76 6f 69 64 20 30 3d 3d 3d 73 2e 6d 69 67 72 61 74 65 54 72 61 63 65 26 26 28 73 2e 6d 69 67 72 61 74 65 54 72 61 63 65 3d 21 30 29 2c 73 2e 6d 69 67 72 61 74 65 52 65 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6f 3d 7b 7d 2c 73 2e 6d 69 67 72 61 74 65 57 61 72 6e 69 6e 67 73 2e 6c 65 6e 67 74 68 3d 30 7d 2c 22 42 61 63 6b 43 6f 6d 70 61 74 22 3d 3d 3d 6e 2e 64 6f 63 75 6d 65 6e 74 2e 63 6f 6d 70 61 74 4d 6f 64 65 26 26 75 28 22 71 75 69
                                                                                                                                                                                                                                                                                                                                  Data Ascii: (e,t,r,n,o),0}function i(e,t,r,n){return a(e,t,r,n),0}s.migrateDeduplicateWarnings=!0,s.migrateWarnings=[],void 0===s.migrateTrace&&(s.migrateTrace=!0),s.migrateReset=function(){o={},s.migrateWarnings.length=0},"BackCompat"===n.document.compatMode&&u("qui
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 7a 65 28 29 20 69 73 20 64 65 70 72 65 63 61 74 65 64 20 61 6e 64 20 72 65 6d 6f 76 65 64 3b 20 75 73 65 20 74 68 65 20 2e 6c 65 6e 67 74 68 20 70 72 6f 70 65 72 74 79 22 29 2c 63 28 73 2c 22 70 61 72 73 65 4a 53 4f 4e 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 4a 53 4f 4e 2e 70 61 72 73 65 2e 61 70 70 6c 79 28 6e 75 6c 6c 2c 61 72 67 75 6d 65 6e 74 73 29 7d 2c 22 70 61 72 73 65 4a 53 4f 4e 22 2c 22 6a 51 75 65 72 79 2e 70 61 72 73 65 4a 53 4f 4e 20 69 73 20 64 65 70 72 65 63 61 74 65 64 3b 20 75 73 65 20 4a 53 4f 4e 2e 70 61 72 73 65 22 29 2c 63 28 73 2c 22 68 6f 6c 64 52 65 61 64 79 22 2c 73 2e 68 6f 6c 64 52 65 61 64 79 2c 22 68 6f 6c 64 52 65 61 64 79 22 2c 22 6a 51 75 65 72 79 2e 68 6f 6c 64 52 65 61 64 79 20 69 73 20 64 65 70 72 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ze() is deprecated and removed; use the .length property"),c(s,"parseJSON",function(){return JSON.parse.apply(null,arguments)},"parseJSON","jQuery.parseJSON is deprecated; use JSON.parse"),c(s,"holdReady",s.holdReady,"holdReady","jQuery.holdReady is depre
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 61 6c 6c 28 65 29 5d 7c 7c 22 6f 62 6a 65 63 74 22 3a 74 79 70 65 6f 66 20 65 7d 2c 22 74 79 70 65 22 2c 22 6a 51 75 65 72 79 2e 74 79 70 65 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 29 2c 63 28 73 2c 22 69 73 46 75 6e 63 74 69 6f 6e 22 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 7d 2c 22 69 73 46 75 6e 63 74 69 6f 6e 22 2c 22 6a 51 75 65 72 79 2e 69 73 46 75 6e 63 74 69 6f 6e 28 29 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 29 2c 63 28 73 2c 22 69 73 57 69 6e 64 6f 77 22 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 65 26 26 65 3d 3d 3d 65 2e 77 69 6e 64 6f 77 7d 2c 22 69 73 57 69 6e 64 6f 77 22 2c 22 6a 51 75 65 72 79 2e 69 73 57 69 6e 64 6f 77
                                                                                                                                                                                                                                                                                                                                  Data Ascii: all(e)]||"object":typeof e},"type","jQuery.type is deprecated"),c(s,"isFunction",function(e){return"function"==typeof e},"isFunction","jQuery.isFunction() is deprecated"),c(s,"isWindow",function(e){return null!=e&&e===e.window},"isWindow","jQuery.isWindow
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 65 43 6c 61 73 73 22 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 21 3d 3d 74 26 26 22 62 6f 6f 6c 65 61 6e 22 21 3d 74 79 70 65 6f 66 20 74 3f 62 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 3a 28 75 28 22 74 6f 67 67 6c 65 43 6c 61 73 73 2d 62 6f 6f 6c 22 2c 22 6a 51 75 65 72 79 2e 66 6e 2e 74 6f 67 67 6c 65 43 6c 61 73 73 28 20 62 6f 6f 6c 65 61 6e 20 29 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 29 2c 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 68 69 73 2e 67 65 74 41 74 74 72 69 62 75 74 65 26 26 74 68 69 73 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 63 6c 61 73 73 22 29 7c 7c 22 22 3b 65 26 26 73 2e 64 61 74 61 28 74 68 69 73 2c 22 5f 5f 63 6c 61 73 73
                                                                                                                                                                                                                                                                                                                                  Data Ascii: eClass",function(t){return void 0!==t&&"boolean"!=typeof t?b.apply(this,arguments):(u("toggleClass-bool","jQuery.fn.toggleClass( boolean ) is deprecated"),this.each(function(){var e=this.getAttribute&&this.getAttribute("class")||"";e&&s.data(this,"__class
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 30 2c 6f 72 70 68 61 6e 73 3a 21 30 2c 77 69 64 6f 77 73 3a 21 30 2c 7a 49 6e 64 65 78 3a 21 30 2c 7a 6f 6f 6d 3a 21 30 7d 2c 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 50 72 6f 78 79 3f 73 2e 63 73 73 4e 75 6d 62 65 72 3d 6e 65 77 20 50 72 6f 78 79 28 41 2c 7b 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 75 28 22 63 73 73 2d 6e 75 6d 62 65 72 22 2c 22 6a 51 75 65 72 79 2e 63 73 73 4e 75 6d 62 65 72 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 29 2c 52 65 66 6c 65 63 74 2e 67 65 74 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 2c 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 75 28 22 63 73 73 2d 6e 75 6d 62 65 72 22 2c 22 6a 51 75 65 72 79 2e 63 73 73 4e 75 6d 62 65 72 20 69
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},"undefined"!=typeof Proxy?s.cssNumber=new Proxy(A,{get:function(){return u("css-number","jQuery.cssNumber is deprecated"),Reflect.get.apply(this,arguments)},set:function(){return u("css-number","jQuery.cssNumber i
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 22 2c 22 27 6a 51 75 65 72 79 2e 65 61 73 69 6e 67 2e 22 2b 74 68 69 73 2e 65 61 73 69 6e 67 2e 74 6f 53 74 72 69 6e 67 28 29 2b 22 27 20 73 68 6f 75 6c 64 20 75 73 65 20 6f 6e 6c 79 20 6f 6e 65 20 61 72 67 75 6d 65 6e 74 22 29 2c 73 2e 65 61 73 69 6e 67 5b 74 68 69 73 2e 65 61 73 69 6e 67 5d 3d 48 29 2c 6b 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 2c 22 65 61 73 69 6e 67 2d 6f 6e 65 2d 61 72 67 22 29 2c 53 3d 73 2e 66 78 2e 69 6e 74 65 72 76 61 6c 2c 50 3d 22 6a 51 75 65 72 79 2e 66 78 2e 69 6e 74 65 72 76 61 6c 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 2c 6e 2e 72 65 71 75 65 73 74 41 6e 69 6d 61 74 69 6f 6e 46 72 61 6d 65 26 26 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 73 2e 66 78 2c 22 69 6e 74 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ","'jQuery.easing."+this.easing.toString()+"' should use only one argument"),s.easing[this.easing]=H),k.apply(this,arguments)},"easing-one-arg"),S=s.fx.interval,P="jQuery.fx.interval is deprecated",n.requestAnimationFrame&&Object.defineProperty(s.fx,"inte
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 28 73 2e 66 6e 2c 74 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 61 72 67 75 6d 65 6e 74 73 2c 30 29 3b 72 65 74 75 72 6e 22 6c 6f 61 64 22 3d 3d 3d 74 26 26 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 5b 30 5d 3f 4d 2e 61 70 70 6c 79 28 74 68 69 73 2c 65 29 3a 28 75 28 22 73 68 6f 72 74 68 61 6e 64 2d 72 65 6d 6f 76 65 64 2d 76 33 22 2c 22 6a 51 75 65 72 79 2e 66 6e 2e 22 2b 74 2b 22 28 29 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 29 2c 65 2e 73 70 6c 69 63 65 28 30 2c 30 2c 74 29 2c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3f 74 68 69 73 2e 6f 6e 2e 61 70 70 6c 79 28 74 68 69 73 2c 65 29 3a 28 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ,function(e,t){i(s.fn,t,function(){var e=Array.prototype.slice.call(arguments,0);return"load"===t&&"string"==typeof e[0]?M.apply(this,e):(u("shorthand-removed-v3","jQuery.fn."+t+"() is deprecated"),e.splice(0,0,t),arguments.length?this.on.apply(this,e):(t
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1369INData Raw: 6f 76 65 72 22 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6f 6e 28 22 6d 6f 75 73 65 65 6e 74 65 72 22 2c 65 29 2e 6f 6e 28 22 6d 6f 75 73 65 6c 65 61 76 65 22 2c 74 7c 7c 65 29 7d 2c 22 70 72 65 2d 6f 6e 2d 6d 65 74 68 6f 64 73 22 2c 22 6a 51 75 65 72 79 2e 66 6e 2e 68 6f 76 65 72 28 29 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 29 3b 66 75 6e 63 74 69 6f 6e 20 54 28 65 29 7b 76 61 72 20 74 3d 6e 2e 64 6f 63 75 6d 65 6e 74 2e 69 6d 70 6c 65 6d 65 6e 74 61 74 69 6f 6e 2e 63 72 65 61 74 65 48 54 4d 4c 44 6f 63 75 6d 65 6e 74 28 22 22 29 3b 72 65 74 75 72 6e 20 74 2e 62 6f 64 79 2e 69 6e 6e 65 72 48 54 4d 4c 3d 65 2c 74 2e 62 6f 64 79 26 26 74 2e 62 6f 64 79 2e 69 6e 6e 65 72 48 54 4d 4c 7d 76 61 72 20 46 3d 2f 3c 28
                                                                                                                                                                                                                                                                                                                                  Data Ascii: over",function(e,t){return this.on("mouseenter",e).on("mouseleave",t||e)},"pre-on-methods","jQuery.fn.hover() is deprecated");function T(e){var t=n.document.implementation.createHTMLDocument("");return t.body.innerHTML=e,t.body&&t.body.innerHTML}var F=/<(


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  10192.168.2.74972613.226.251.884437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC594OUTGET /fonts/2.2.7/metric/Metric-Regular.woff2 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: d6vtbcy3ong79.cloudfront.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: font
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC503INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: font/woff2
                                                                                                                                                                                                                                                                                                                                  Content-Length: 34640
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,max-age=31536000
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Wed, 10 Apr 2024 08:36:16 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Date: Wed, 17 Apr 2024 22:20:07 GMT
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 04e21fcab9c40f810adb3684797ad256.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX50-C3
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: 59XNyyHK5y-hBZcaznLJoxVBd28xmQrtpw61V8pCPjX1j-lIXZ9ukw==
                                                                                                                                                                                                                                                                                                                                  Age: 522565
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC16384INData Raw: 77 4f 46 32 00 01 00 00 00 00 87 50 00 13 00 00 00 01 9e ac 00 00 85 af 00 01 00 83 00 00 86 18 00 00 01 38 00 00 03 3a 00 00 00 00 00 00 00 00 1b 81 90 3e 1c 96 0e 14 83 52 06 60 16 8b 60 00 8b 16 08 52 09 82 73 11 14 0a 83 f4 60 83 c7 74 12 bd 58 01 36 02 24 03 8e 1a 0b 87 1e 00 04 20 05 8e 49 07 99 02 0c 84 56 5b 4d 83 71 07 eb b6 9d ef 54 84 d4 5d 95 e0 df 70 ff b2 57 0d f3 7c b1 e3 6e 15 a9 15 98 ec 72 09 db a6 44 b7 bb 55 d5 88 f4 70 0c b3 ff ff ff ff e4 04 15 31 b6 db 7d 98 bb 7f c4 52 44 52 2b 2b 70 99 59 40 f4 d1 4b 97 92 8c c1 a9 06 25 a7 b1 8e 31 ce 14 95 7c 54 d4 67 2f 5b 2d 9c 20 90 cb f4 d7 e6 d5 b2 dd 64 d7 dc 2d 01 e6 4e 7b e2 d7 8b dd e3 a0 a9 07 8e c0 21 d9 46 5b 37 7d 49 cd d8 f2 1a 68 f7 83 d9 7c ed 01 7a 1f 4b 9c 91 9a e0 e4 c0 d2 70
                                                                                                                                                                                                                                                                                                                                  Data Ascii: wOF2P8:>R``Rs`tX6$ IV[MqT]pW|nrDUp1}RDR++pY@K%1|Tg/[- d-N{!F[7}Ih|zKp
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: c5 3f 85 2b c5 d3 aa 69 82 27 7b f7 21 f7 b9 d8 45 b7 d3 c3 de 10 f2 95 3a ff de 1e c7 31 7d 07 fc 47 ef 86 76 d5 2e a2 f6 26 46 91 e6 f1 fe 44 07 a4 5f 66 2e 46 80 71 c6 e2 34 c7 5d 01 f2 3e 2f f5 af 90 57 2a 91 aa b8 59 3e 79 49 b1 fe f9 98 9d 95 44 95 50 82 15 d8 45 b7 bc 76 28 73 d6 84 e2 c8 24 32 d9 7c 9d bf 5e 35 06 8c ed b7 66 bb e8 89 c8 5a fa 9e bf dd 85 c0 a7 f2 32 f7 ac 2b f0 68 87 a8 63 14 f8 ad 54 07 79 c4 df 39 30 cc f9 39 cc fe 1b c3 4e d1 93 99 41 bf 93 ed c1 e4 6e 72 f0 9b 69 9f f8 78 57 b0 1f a0 fc 8c f9 24 9c 60 85 57 61 bc 4c 38 0f db e9 03 a6 af 2a 59 61 9e 1a bc fd 23 fc 81 c0 61 a8 b9 e9 19 b8 93 14 01 9d 1e 4d a1 44 d3 e9 82 ed 7e c7 70 b8 11 3f bf 11 1c ee 18 eb 68 3f f4 2f eb c2 f8 31 63 11 17 7f 39 3f 1d 49 af e4 56 36 71 20 f6
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ?+i'{!E:1}Gv.&FD_f.Fq4]>/W*Y>yIDPEv(s$2|^5fZ2+hcTy909NAnrixW$`WaL8*Ya#aMD~p?h?/1c9?IV6q
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1872INData Raw: c3 b5 de 5d 06 4c a7 b2 2c 26 12 81 76 82 29 87 30 df bf 62 20 b9 c6 b4 4b 09 6f 9a a2 11 09 bb 71 ae 00 47 40 28 6d 03 11 33 5d 47 af 94 37 2c 81 a2 82 85 31 a5 1b 53 75 b3 b1 60 8a 49 11 64 6f 38 f2 8f 33 32 17 4e f5 d9 65 b2 dd 14 97 ae 66 8c 0e 63 84 bd 05 67 f9 c2 2c f6 73 89 e7 41 14 c0 e0 ae 93 ff 0c fb b5 37 de 7a 67 d6 0b 2f 7d f1 d5 47 df 7c f6 c9 7b 1f 4c 22 21 a3 a0 a2 91 41 c7 c0 c4 c2 26 4b 0e 07 17 0f 41 9e 02 6c e5 a4 aa 10 82 56 64 3a 4d 23 4d 57 ac 38 30 14 ac 88 64 a2 7d e0 a2 27 1f 49 86 3d 31 e4 a9 19 14 44 f5 b0 e5 10 9d 98 3e 54 36 92 45 72 30 b0 70 f0 08 dc 9c 40 e2 2f 40 a0 20 64 5b d5 c5 51 fb 4b 84 26 4c 38 ba 08 da 55 39 4a b4 8f 2d 27 96 e2 14 13 fa 82 e3 f4 c3 52 49 b8 92 f1 f0 09 a4 10 12 01 88 49 48 c9 80 20 72 30 05 25 15
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ]L,&v)0b KoqG@(m3]G7,1Su`Ido832Nefcg,sA7zg/}G|{L"!A&KAlVd:M#MW80d}'I=1D>T6Er0p@/@ d[QK&L8U9J-'RIIH r0%


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  11192.168.2.74973052.85.205.1954437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC609OUTGET /cache/b6ce06a57a51347c21d7af30873baa8620408fd6/telerik/css/style.css HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: dtzbdy9anri2p.cloudfront.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: style
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC493INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/css
                                                                                                                                                                                                                                                                                                                                  Content-Length: 278052
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,max-age=31536000
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Mon, 13 Nov 2023 13:22:02 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Date: Mon, 22 Apr 2024 14:14:01 GMT
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 202a531bf43fbb0571a227d5ba4e11ac.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX50-C4
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: dX4WuoO2hXq-nHWlSLwEPPaQLZF_vU78Z9n3E2BEF_RPAUE51HP8gw==
                                                                                                                                                                                                                                                                                                                                  Age: 119731
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC15891INData Raw: 40 63 68 61 72 73 65 74 20 22 55 54 46 2d 38 22 3b 2e 42 6c 6f 63 6b 4c 69 6e 6b 73 2d 2d 62 75 74 74 6f 6e 73 20 61 2c 2e 42 74 6e 2c 2e 50 61 67 65 57 72 61 70 70 65 72 2c 2e 50 61 6e 65 6c 43 68 6f 69 63 65 20 6c 61 62 65 6c 2c 2e 52 61 64 45 64 69 74 6f 72 20 69 66 72 61 6d 65 2c 2e 53 65 61 72 63 68 52 65 73 75 6c 74 73 20 2a 2c 2e 53 65 63 74 69 6f 6e 2d 62 61 6e 6e 65 72 2c 2e 53 65 63 74 69 6f 6e 2d 63 6f 76 65 72 2c 2e 53 6c 69 64 65 72 2d 73 6c 69 64 65 2c 2e 54 4b 2d 54 61 67 2d 49 6e 70 75 74 2d 42 75 74 74 6f 6e 2c 2e 54 69 6d 65 4c 69 6e 65 20 3a 61 66 74 65 72 2c 2e 54 69 6d 65 4c 69 6e 65 20 3a 62 65 66 6f 72 65 2c 2e 63 6f 6c 2d 31 2c 2e 63 6f 6c 2d 31 30 2c 2e 63 6f 6c 2d 31 31 2c 2e 63 6f 6c 2d 31 32 2c 2e 63 6f 6c 2d 32 2c 2e 63 6f 6c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: @charset "UTF-8";.BlockLinks--buttons a,.Btn,.PageWrapper,.PanelChoice label,.RadEditor iframe,.SearchResults *,.Section-banner,.Section-cover,.Slider-slide,.TK-Tag-Input-Button,.TimeLine :after,.TimeLine :before,.col-1,.col-10,.col-11,.col-12,.col-2,.col
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 62 61 63 6b 67 72 6f 75 6e 64 3a 2d 77 65 62 6b 69 74 2d 67 72 61 64 69 65 6e 74 28 6c 69 6e 65 61 72 2c 6c 65 66 74 20 74 6f 70 2c 6c 65 66 74 20 62 6f 74 74 6f 6d 2c 66 72 6f 6d 28 23 32 38 32 66 38 39 29 2c 74 6f 28 23 31 35 31 39 35 30 29 29 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 38 30 64 65 67 2c 23 32 38 32 66 38 39 2c 23 31 35 31 39 35 30 29 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 75 2d 62 67 2d 62 6c 75 65 2d 2d 67 72 61 64 69 65 6e 74 31 7b 62 61 63 6b 72 6f 67 75 6e 64 3a 23 30 36 31 36 33 65 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 2d 77 65 62 6b 69 74 2d 67 72 61 64 69 65 6e 74 28 6c 69 6e 65 61 72 2c 6c 65 66 74 20 74 6f 70 2c 6c 65 66 74 20 62 6f 74 74 6f 6d 2c 66 72 6f 6d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: background:-webkit-gradient(linear,left top,left bottom,from(#282f89),to(#151950))!important;background:linear-gradient(180deg,#282f89,#151950)!important}.u-bg-blue--gradient1{backrogund:#06163e;background:-webkit-gradient(linear,left top,left bottom,from
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 74 2d 2d 74 72 61 6e 73 70 61 72 65 6e 74 2e 69 73 2d 66 69 78 65 64 20 2e 4e 61 76 41 6c 74 2d 61 6e 63 68 6f 72 3a 61 63 74 69 76 65 2c 2e 4e 61 76 41 6c 74 2d 2d 74 72 61 6e 73 70 61 72 65 6e 74 2e 69 73 2d 66 69 78 65 64 20 2e 4e 61 76 41 6c 74 2d 61 6e 63 68 6f 72 3a 66 6f 63 75 73 2c 2e 4e 61 76 41 6c 74 2d 2d 74 72 61 6e 73 70 61 72 65 6e 74 2e 69 73 2d 66 69 78 65 64 20 2e 4e 61 76 41 6c 74 2d 61 6e 63 68 6f 72 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 33 39 33 66 34 37 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 68 73 6c 61 28 30 2c 30 25 2c 31 30 30 25 2c 2e 32 29 7d 2e 4e 61 76 41 6c 74 2d 2d 74 72 61 6e 73 70 61 72 65 6e 74 20 2e 4e 61 76 41 6c 74 2d 61 6e 63 68 6f 72 7b 66 6f 6e 74 3a 33 30 30 20 31
                                                                                                                                                                                                                                                                                                                                  Data Ascii: t--transparent.is-fixed .NavAlt-anchor:active,.NavAlt--transparent.is-fixed .NavAlt-anchor:focus,.NavAlt--transparent.is-fixed .NavAlt-anchor:hover{background-color:#393f47;background-color:hsla(0,0%,100%,.2)}.NavAlt--transparent .NavAlt-anchor{font:300 1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 65 63 74 69 6f 6e 2d 2d 67 72 65 79 31 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 33 66 35 66 37 7d 2e 53 65 63 74 69 6f 6e 2d 2d 67 72 65 65 6e 34 20 61 7b 63 6f 6c 6f 72 3a 23 30 30 30 7d 2e 53 65 63 74 69 6f 6e 2d 2d 67 72 65 65 6e 34 20 68 36 7b 63 6f 6c 6f 72 3a 23 35 35 35 7d 2e 53 65 63 74 69 6f 6e 2d 2d 62 6c 61 63 6b 20 2e 72 6f 77 2d 2d 73 65 70 61 72 61 74 65 64 3e 64 69 76 3a 62 65 66 6f 72 65 2c 2e 53 65 63 74 69 6f 6e 2d 2d 62 6c 61 63 6b 32 20 2e 72 6f 77 2d 2d 73 65 70 61 72 61 74 65 64 3e 64 69 76 3a 62 65 66 6f 72 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 38 31 38 36 39 32 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 68 73 6c 61 28 30 2c 30 25 2c 35 30 25 2c 2e 32 29 7d 2e 53 65 63 74 69 6f 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ection--grey1{background-color:#f3f5f7}.Section--green4 a{color:#000}.Section--green4 h6{color:#555}.Section--black .row--separated>div:before,.Section--black2 .row--separated>div:before{background-color:#818692;background-color:hsla(0,0%,50%,.2)}.Section
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 61 6c 2d 61 6c 69 67 6e 3a 74 6f 70 7d 2e 69 65 37 20 2e 73 66 46 69 65 6c 64 57 72 70 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 3b 7a 6f 6f 6d 3a 31 7d 2e 73 66 45 64 69 74 6f 72 57 72 70 2c 2e 73 66 46 6f 72 6d 43 68 65 63 6b 62 6f 78 6c 69 73 74 2c 2e 73 66 46 6f 72 6d 52 61 64 69 6f 6c 69 73 74 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 30 70 78 7d 2e 73 66 46 6f 72 6d 43 68 65 63 6b 62 6f 78 6c 69 73 74 20 2e 73 66 54 78 74 4c 62 6c 2c 2e 73 66 46 6f 72 6d 52 61 64 69 6f 6c 69 73 74 20 2e 73 66 54 78 74 4c 62 6c 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 78 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 3b 6d 61 72 67 69 6e 3a 32 30 70 78 20 30 20 37 70 78 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 73 66
                                                                                                                                                                                                                                                                                                                                  Data Ascii: al-align:top}.ie7 .sfFieldWrp{display:inline;zoom:1}.sfEditorWrp,.sfFormCheckboxlist,.sfFormRadiolist{margin-bottom:10px}.sfFormCheckboxlist .sfTxtLbl,.sfFormRadiolist .sfTxtLbl{font-size:11px;font-weight:700;margin:20px 0 7px;text-transform:uppercase}.sf
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 69 6e 61 74 69 6f 6e 2d 70 72 65 76 3a 62 65 66 6f 72 65 2c 2e 50 61 67 69 6e 61 74 69 6f 6e 3e 61 3a 66 69 72 73 74 2d 63 68 69 6c 64 3a 62 65 66 6f 72 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 74 6c 72 6b 2d 69 63 6f 6e 2d 66 6f 6e 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 33 35 65 6d 3b 6c 65 66 74 3a 2e 30 31 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 30 35 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 3b 74 6f 70 3a 2d 2e 30 38 65 6d 7d 2e 4c 69 6e 6b 2d 2d 61 64 64 3a 62 65 66 6f 72 65 2c 2e 4c 69 6e 6b 2d 2d 61 64 64 3a 68 6f 76 65 72 3a 62 65 66 6f 72 65 2c 2e 4c 69 6e 6b 2d 2d 67 6f 54 6f 3a 62 65 66 6f 72 65 2c 2e 4c 69 6e 6b 2d 2d 67 6f 54 6f 3a 68 6f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ination-prev:before,.Pagination>a:first-child:before{font-family:tlrk-icon-font;font-size:1.35em;left:.01em;line-height:1.05;position:absolute;text-decoration:underline;top:-.08em}.Link--add:before,.Link--add:hover:before,.Link--goTo:before,.Link--goTo:ho
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 75 64 7b 6c 69 73 74 2d 73 74 79 6c 65 2d 69 6d 61 67 65 3a 75 72 6c 28 22 64 61 74 61 3a 69 6d 61 67 65 2f 73 76 67 2b 78 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 2c 25 33 43 73 76 67 20 78 6d 6c 6e 73 3d 27 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 27 20 77 69 64 74 68 3d 27 33 35 27 20 68 65 69 67 68 74 3d 27 32 33 27 25 33 45 25 33 43 70 61 74 68 20 66 69 6c 6c 3d 27 25 32 33 30 30 42 35 44 43 27 20 64 3d 27 4d 32 37 2e 38 2e 33 38 20 31 30 2e 36 20 31 37 2e 39 32 63 2d 31 2e 34 34 2d 31 2e 34 36 2d 36 2e 32 38 2d 36 2e 33 35 2d 37 2e 39 39 2d 38 2e 30 37 4c 2e 32 37 20 31 32 2e 31 39 63 31 2e 39 34 20 31 2e 39 34 20 39 2e 31 36 20 39 2e 32 35 20 39 2e 31 36 20 39 2e 32 35 6c 31 2e 31 38 20 31 2e 32 4c 33 30
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ud{list-style-image:url("data:image/svg+xml;charset=utf-8,%3Csvg xmlns='http://www.w3.org/2000/svg' width='35' height='23'%3E%3Cpath fill='%2300B5DC' d='M27.8.38 10.6 17.92c-1.44-1.46-6.28-6.35-7.99-8.07L.27 12.19c1.94 1.94 9.16 9.25 9.16 9.25l1.18 1.2L30
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 65 35 65 61 20 74 72 61 6e 73 70 61 72 65 6e 74 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 33 34 70 78 20 33 34 70 78 20 30 20 30 3b 6c 65 66 74 3a 30 3b 72 69 67 68 74 3a 61 75 74 6f 7d 2e 42 6c 6f 63 6b 71 75 6f 74 65 54 72 69 61 6e 67 6c 65 2d 2d 6c 65 66 74 20 63 69 74 65 7b 70 61 64 64 69 6e 67 3a 32 36 70 78 20 30 20 30 7d 2e 54 65 73 74 69 6d 6f 6e 69 61 6c 73 4c 69 73 74 20 62 6c 6f 63 6b 71 75 6f 74 65 20 70 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 70 61 64 64 69 6e 67 3a 35 70 78 20 30 20 30 3b 74 65 78 74 2d 69 6e 64 65 6e 74 3a 30 7d 2e 54 65 73 74 69 6d 6f 6e 69 61 6c 73 4c 69 73 74 20 62 6c 6f 63 6b 71 75 6f 74 65 20 70 3a 62 65 66 6f 72 65 7b 6c 65 66
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e5ea transparent transparent;border-width:34px 34px 0 0;left:0;right:auto}.BlockquoteTriangle--left cite{padding:26px 0 0}.TestimonialsList blockquote p{background:none;font-size:16px;padding:5px 0 0;text-indent:0}.TestimonialsList blockquote p:before{lef
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 2d 67 72 61 64 69 65 6e 74 28 6c 69 6e 65 61 72 2c 72 69 67 68 74 20 62 6f 74 74 6f 6d 2c 6c 65 66 74 20 74 6f 70 2c 63 6f 6c 6f 72 2d 73 74 6f 70 28 34 39 25 2c 74 72 61 6e 73 70 61 72 65 6e 74 29 2c 63 6f 6c 6f 72 2d 73 74 6f 70 28 35 30 25 2c 23 66 66 39 62 34 62 29 29 2c 2d 77 65 62 6b 69 74 2d 67 72 61 64 69 65 6e 74 28 6c 69 6e 65 61 72 2c 72 69 67 68 74 20 74 6f 70 2c 6c 65 66 74 20 62 6f 74 74 6f 6d 2c 63 6f 6c 6f 72 2d 73 74 6f 70 28 34 39 25 2c 74 72 61 6e 73 70 61 72 65 6e 74 29 2c 63 6f 6c 6f 72 2d 73 74 6f 70 28 35 30 25 2c 23 66 66 39 62 34 62 29 29 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 74 6f 70 20 6c 65 66 74 2c 74 72 61 6e 73 70 61 72 65 6e 74 20 34 39 25 2c 23 66 66 39 62 34 62 20 35
                                                                                                                                                                                                                                                                                                                                  Data Ascii: -gradient(linear,right bottom,left top,color-stop(49%,transparent),color-stop(50%,#ff9b4b)),-webkit-gradient(linear,right top,left bottom,color-stop(49%,transparent),color-stop(50%,#ff9b4b));background:linear-gradient(to top left,transparent 49%,#ff9b4b 5
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC377INData Raw: 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 72 69 67 68 74 3a 33 30 70 78 3b 74 65 78 74 2d 6f 76 65 72 66 6c 6f 77 3a 65 6c 6c 69 70 73 69 73 3b 74 6f 70 3a 31 70 78 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 46 61 69 6c 65 64 49 6e 70 75 74 20 2e 68 61 73 2d 72 65 76 65 61 6c 20 2e 72 65 76 65 61 6c 2d 70 61 73 73 7b 6c 65 66 74 3a 36 70 78 7d 2e 68 61 73 2d 72 65 76 65 61 6c 20 69 6e 70 75 74 3a 3a 2d 6d 73 2d 72 65 76 65 61 6c 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 52 65 76 65 61 6c 50 61 73 73 77 6f 72 64 57 72 61 70 70 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 52 65 76 65 61 6c 50 61 73 73 77 6f 72 64 57 72 61 70 70 65 72 20 69 6e 70 75 74 3a 3a 2d 6d 73 2d 72 65 76 65 61 6c 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 52
                                                                                                                                                                                                                                                                                                                                  Data Ascii: sition:absolute;right:30px;text-overflow:ellipsis;top:1px;z-index:2}.FailedInput .has-reveal .reveal-pass{left:6px}.has-reveal input::-ms-reveal{display:none}.RevealPasswordWrapper{position:relative}.RevealPasswordWrapper input::-ms-reveal{display:none}.R


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  12192.168.2.74972513.226.251.884437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC595OUTGET /fonts/2.2.7/metric/Metric-Semibold.woff2 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: d6vtbcy3ong79.cloudfront.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: font
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC503INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: font/woff2
                                                                                                                                                                                                                                                                                                                                  Content-Length: 35758
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,max-age=31536000
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Wed, 10 Apr 2024 08:36:16 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Date: Mon, 22 Apr 2024 10:38:46 GMT
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 ac3f5ff5f29f102b8bc81b41df4c002e.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX50-C3
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: QSbSkO4mdaS1xQdYkwNXJgC3cQEYoMkJNZHIEPUW8pBlgoCxnN2xzg==
                                                                                                                                                                                                                                                                                                                                  Age: 132645
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC16384INData Raw: 77 4f 46 32 00 01 00 00 00 00 8b ae 00 13 00 00 00 01 af 60 00 00 8a 06 00 01 00 83 00 00 8a 70 00 00 01 3e 00 00 03 3c 00 00 00 00 00 00 00 00 1b 81 94 5e 1c 95 3c 14 83 59 06 60 16 8b 60 00 8b 2c 08 46 09 82 73 11 14 0a 84 90 68 83 e3 59 12 be 60 01 36 02 24 03 8e 36 0b 87 2c 00 04 20 05 8e 53 07 99 6d 0c 84 01 5b d5 93 91 04 ad 0d 3d 2d e9 09 36 06 d3 9b 55 3d ec ec f8 f5 00 07 d0 db f6 20 f4 66 49 f8 5c 37 7f e7 5b c2 b6 59 78 ec 76 d8 b4 cf 2d ef ca fe ff ff ff ff 5f 91 54 64 cc a6 1d 69 b7 0d d0 21 fe 2a 8a fa fb 0b a9 79 48 a6 84 44 81 da 20 62 14 4e b3 4c 41 39 54 0a 03 1d a9 f1 28 5d f1 a5 6b 14 6a a7 35 20 78 8e 99 f1 d5 c6 ef 52 c8 8b 10 7d ba de 5c 82 bc 72 02 46 1d b7 19 ea 4d bb 5f 02 33 d2 3e 71 00 5d 36 9b 8b 6b 14 6a 04 4f bc 1e 3b 15 a7
                                                                                                                                                                                                                                                                                                                                  Data Ascii: wOF2`p><^<Y``,FshY`6$6, Sm[=-6U= fI\7[Yxv-_Tdi!*yHD bNLA9T(]kj5 xR}\rFM_3>q]6kjO;
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 00 41 5d 61 71 2e 7e 45 94 8b c8 97 55 f7 d9 8a 6d 8b 3a 90 1f a4 ef eb cf 1e 8f 67 35 ad 4f 6a d2 f6 8f 27 29 64 1d 7a 70 bc e8 f7 df 8b ac ad 85 a5 4b c9 b8 f3 fc 0b 31 2f 61 c5 60 84 07 da 6f e1 48 df 2a fc 52 e5 e0 f8 2a 50 35 0e 6d 6a 7b fb f2 fc 32 e6 c7 30 5f 1d 2f cd c0 0e 07 a0 d7 61 33 a4 93 20 8b bf 67 fd 84 e8 09 14 39 d6 db 60 1a 88 b7 81 38 1b de e2 f6 00 60 fa 58 f0 f5 20 ae 1e 8f b7 a5 64 3d 74 0f a7 68 30 8d 4b 9a 8a 64 4d 4c 69 53 61 7c 93 35 1b 1c 36 78 e1 bd 59 66 d0 14 d3 d4 b2 59 94 fa 1d 56 11 68 53 11 ba b4 54 65 e0 eb eb ae 2f 94 90 df 94 66 4a fe 80 b6 2b 61 b9 67 bb a7 a7 6f b1 bf eb bf 24 f1 55 16 7b e9 e9 a7 e8 6a 8e 7d 03 b7 d2 e9 1b 61 78 23 9d de ba d3 3b d9 d7 37 d7 db 3b d6 d7 37 d9 52 19 6d 59 af b0 2c fa 7a b9 4a ee 4a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: A]aq.~EUm:g5Oj')dzpK1/a`oH*R*P5mj{20_/a3 g9`8`X d=th0KdMLiSa|56xYfYVhSTe/fJ+ago$U{j}ax#;7;7RmY,zJJ
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC2990INData Raw: 53 49 c7 7f d5 5c 81 a9 60 bc 5c 41 5a 3e b2 79 a2 6a 0a 76 5d d8 1d 26 19 01 53 67 28 fb 48 da 15 44 5f c9 fb 48 32 ca f1 7b 8f a9 bd fa cc 6c 78 f6 ea 57 07 de 03 28 5d 2e 96 f9 60 9a 04 f9 e2 98 46 02 53 dd 4c 9b 40 be 79 4c 9c 60 ca 4e ba e1 4c fd 66 da 35 a6 15 31 ad 8a 9c af aa 54 d6 8b a4 b8 a9 fd 0f c9 e2 e9 97 88 e5 12 e8 16 86 2a 8d 80 72 08 88 2e d7 93 79 fd 87 a6 f2 fd ba 2d d7 35 d2 51 c1 d0 72 12 2d 48 ba 70 52 c3 10 c3 f6 fe c9 e8 15 be 5e 04 b9 67 c5 97 dc 5e 50 4b 48 ac a8 f5 24 15 c4 c5 90 0e 37 d5 54 fc be 0b ea 39 86 35 63 e8 3e 57 5d 08 b6 15 87 e7 19 a6 dc aa 83 27 67 3a 04 f4 91 f8 10 75 a2 b3 fb 61 96 53 eb 06 4a 3e f2 41 81 17 4b b4 7a 82 a0 d4 05 a3 c7 90 96 40 5b 03 59 b7 56 ea 36 de 30 2b f9 24 30 8c 09 c6 ea 09 76 84 c7 2c 12
                                                                                                                                                                                                                                                                                                                                  Data Ascii: SI\`\AZ>yjv]&Sg(HD_H2{lxW(].`FSL@yL`NLf51T*r.y-5Qr-HpR^g^PKH$7T95c>W]'g:uaSJ>AKz@[YV60+$0v,


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  13192.168.2.74972713.226.251.884437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC599OUTGET /telerik-navigation/3.5.25/js/index.min.mjs HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: d6vtbcy3ong79.cloudfront.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC544INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                                                  Content-Length: 20033
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,max-age=31536000
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Tue, 23 Apr 2024 09:45:56 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 15:15:02 GMT
                                                                                                                                                                                                                                                                                                                                  Vary: Origin,Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 5ef2a900d38e51af436412dffc086198.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX50-C3
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: R2gMGT3fkXkSsUTy5HR5rWP3YpPT7K720nRupEcC81REXBFTcV_tow==
                                                                                                                                                                                                                                                                                                                                  Age: 29669
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC16384INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 63 6f 6e 73 74 20 74 3d 7b 61 63 74 69 76 65 43 6c 61 73 73 3a 22 54 4b 2d 4e 61 76 2d 4f 76 65 72 6c 61 79 2d 2d 41 63 74 69 76 65 22 7d 3b 63 6c 61 73 73 20 65 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 65 2c 73 29 7b 74 68 69 73 2e 6f 70 74 69 6f 6e 73 3d 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 28 7b 7d 2c 74 2c 73 29 2c 74 68 69 73 2e 65 6c 65 6d 65 6e 74 3d 65 2c 74 68 69 73 2e 61 63 74 69 76 65 43 6c 61 73 73 3d 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 61 63 74 69 76 65 43 6c 61 73 73 2c 74 68 69 73 2e 68 69 64 64 65 6e 3d 21 30 7d 73 68 6f 77 28 29 7b 74 68 69 73 2e 68 69 64 64 65 6e 26 26 74 68 69 73 2e 65 6c 65 6d 65 6e 74 26 26 28 74 68 69 73 2e 65 6c 65 6d 65 6e 74 2e 63 6c 61
                                                                                                                                                                                                                                                                                                                                  Data Ascii: !function(){"use strict";const t={activeClass:"TK-Nav-Overlay--Active"};class e{constructor(e,s){this.options=Object.assign({},t,s),this.element=e,this.activeClass=this.options.activeClass,this.hidden=!0}show(){this.hidden&&this.element&&(this.element.cla
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC3649INData Raw: 69 64 74 68 2c 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 57 69 64 74 68 7c 7c 30 29 3c 3d 31 32 34 30 2c 71 3d 28 29 3d 3e 21 4f 28 29 2c 44 3d 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 22 23 6a 73 2d 74 6c 72 6b 2d 6e 61 76 22 29 2c 52 3d 74 3d 3e 44 26 26 44 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 74 29 2c 46 3d 74 3d 3e 44 26 26 41 72 72 61 79 2e 66 72 6f 6d 28 44 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 74 29 29 3b 66 75 6e 63 74 69 6f 6e 20 42 28 29 7b 6c 65 74 20 74 3d 21 31 3b 63 6f 6e 73 74 7b 66 6f 6e 74 73 3a 65 7d 3d 64 6f 63 75 6d 65 6e 74 2c 73 3d 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 48 29 2c 6e 3d 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 4b 29
                                                                                                                                                                                                                                                                                                                                  Data Ascii: idth,window.innerWidth||0)<=1240,q=()=>!O(),D=document.querySelector("#js-tlrk-nav"),R=t=>D&&D.querySelector(t),F=t=>D&&Array.from(D.querySelectorAll(t));function B(){let t=!1;const{fonts:e}=document,s=document.querySelector(H),n=document.querySelector(K)


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  14192.168.2.74972813.226.251.884437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC571OUTGET /fonts/2.2.7/css/metric.min.css HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: d6vtbcy3ong79.cloudfront.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: style
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC466INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/css
                                                                                                                                                                                                                                                                                                                                  Content-Length: 508
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,max-age=31536000
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Wed, 10 Apr 2024 08:36:16 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Date: Mon, 22 Apr 2024 22:17:59 GMT
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 f4b741d03f791778aba8bb990c22e3d8.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX50-C3
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: wUHkg43g2WSvI_rCiYawn6oGdYY9jH11-Cc3-lNjEDVSlBiycfZi2g==
                                                                                                                                                                                                                                                                                                                                  Age: 90692
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC508INData Raw: 40 63 68 61 72 73 65 74 20 22 75 74 66 2d 38 22 3b 40 66 6f 6e 74 2d 66 61 63 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 4d 65 74 72 69 63 3b 73 72 63 3a 75 72 6c 28 22 2e 2e 2f 6d 65 74 72 69 63 2f 4d 65 74 72 69 63 2d 4c 69 67 68 74 2e 77 6f 66 66 32 22 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 31 30 30 20 33 30 30 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 73 77 61 70 7d 40 66 6f 6e 74 2d 66 61 63 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 4d 65 74 72 69 63 3b 73 72 63 3a 75 72 6c 28 22 2e 2e 2f 6d 65 74 72 69 63 2f 4d 65 74 72 69 63 2d 52 65 67 75 6c 61 72 2e 77 6f 66 66 32 22 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 32 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 3b 66 6f 6e 74 2d 64 69 73 70 6c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: @charset "utf-8";@font-face{font-family:Metric;src:url("../metric/Metric-Light.woff2") format("woff2");font-weight:100 300;font-display:swap}@font-face{font-family:Metric;src:url("../metric/Metric-Regular.woff2") format("woff2");font-weight:400;font-displ


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  15192.168.2.74972313.226.251.884437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC584OUTGET /telerik-navigation/3.5.25/css/index.min.css HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: d6vtbcy3ong79.cloudfront.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: style
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/css
                                                                                                                                                                                                                                                                                                                                  Content-Length: 32607
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,max-age=31536000
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Tue, 23 Apr 2024 09:45:56 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 15:15:02 GMT
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 9cbcfdda6d6272e0974004cceb62f5ec.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX50-C3
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: wg2zdSvHfZfXQ847uKgje6tJwV2IF1FGvIgCkRE-TXBRhCkRS1NXdQ==
                                                                                                                                                                                                                                                                                                                                  Age: 29669
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 2e 54 4b 2d 41 73 69 64 65 3a 61 66 74 65 72 2c 2e 54 4b 2d 44 72 61 77 65 72 3a 61 66 74 65 72 2c 2e 54 4b 2d 48 61 74 2d 41 73 69 64 65 3a 61 66 74 65 72 2c 2e 54 4b 2d 63 6f 6e 74 61 69 6e 65 72 3a 61 66 74 65 72 2c 2e 54 4b 2d 72 6f 77 3a 61 66 74 65 72 7b 63 6c 65 61 72 3a 62 6f 74 68 3b 63 6f 6e 74 65 6e 74 3a 22 22 3b 64 69 73 70 6c 61 79 3a 74 61 62 6c 65 7d 2e 54 4b 2d 4e 61 76 2d 2d 46 6c 75 69 64 20 2e 54 4b 2d 63 6f 6e 74 61 69 6e 65 72 7b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 7d 2e 54 4b 2d 63 6f 6e 74 61 69 6e 65 72 7b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 61 75 74 6f 3b 6d 61 72 67 69
                                                                                                                                                                                                                                                                                                                                  Data Ascii: .TK-Aside:after,.TK-Drawer:after,.TK-Hat-Aside:after,.TK-container:after,.TK-row:after{clear:both;content:"";display:table}.TK-Nav--Fluid .TK-container{max-width:none}.TK-container{-webkit-box-sizing:border-box;box-sizing:border-box;margin-left:auto;margi
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16223INData Raw: 4b 2d 4d 65 6e 75 2d 49 74 65 6d 2d 42 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 2e 54 4b 2d 4d 65 6e 75 2d 49 74 65 6d 2d 4c 69 6e 6b 3a 66 6f 63 75 73 2c 2e 54 4b 2d 4d 65 6e 75 2d 49 74 65 6d 2d 4c 69 6e 6b 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 30 30 30 7d 2e 54 4b 2d 50 72 6f 64 75 63 74 73 2d 4d 65 6e 75 2d 49 74 65 6d 2d 42 75 74 74 6f 6e 2c 2e 54 4b 2d 50 72 6f 64 75 63 74 73 2d 4d 65 6e 75 2d 49 74 65 6d 2d 4c 69 6e 6b 7b 63 6f 6c 6f 72 3a 23 30 30 30 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 66 6f 6e 74 3a 33 30 30 20 32 30 70 78 2f 36 30 70 78 20 4d 65 74 72 69 63 2c 53 65 67 6f 65 20 55 49 2c 55 62 75 6e 74 75 20 4d 6f 6e 6f 2c 73 61 6e 73 2d 73 65 72 69 66 3b 70 61 64 64 69 6e 67 3a 30 20 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61
                                                                                                                                                                                                                                                                                                                                  Data Ascii: K-Menu-Item-Button:hover,.TK-Menu-Item-Link:focus,.TK-Menu-Item-Link:hover{color:#000}.TK-Products-Menu-Item-Button,.TK-Products-Menu-Item-Link{color:#000;display:block;font:300 20px/60px Metric,Segoe UI,Ubuntu Mono,sans-serif;padding:0 10px;position:rela


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  16192.168.2.74973152.85.205.1954437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC606OUTGET /cache/b3485d7dde1ec57a3915d1079237c8c34a5198c1/telerik/js/dist/polyfills.min.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: dtzbdy9anri2p.cloudfront.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC506INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                                                  Content-Length: 94660
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,max-age=31536000
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Thu, 21 Mar 2024 14:59:22 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 16 Apr 2024 14:34:33 GMT
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 0b6d83e0abbe33d606389655ee69cd52.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX50-C4
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: VSeGhClBmljh9_OxF9l_Nm_T6cN6KxZmEAtNd8kc8bLJ00n7IbL80Q==
                                                                                                                                                                                                                                                                                                                                  Age: 636899
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC16384INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 4c 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 3f 67 6c 6f 62 61 6c 54 68 69 73 3a 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 3f 77 69 6e 64 6f 77 3a 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 3f 67 6c 6f 62 61 6c 3a 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 73 65 6c 66 3f 73 65 6c 66 3a 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 74 28 74 2c 65 29 7b 72 65 74 75 72 6e 20 74 28 65 3d 7b 65 78 70 6f 72 74 73 3a 7b 7d 7d 2c 65 2e 65 78 70 6f 72 74 73 29 2c 65 2e 65 78 70 6f 72 74 73 7d 66 75 6e 63 74 69 6f 6e 20 65 28 74 29 7b 72 65 74 75 72 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: !function(){"use strict";var L="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};function t(t,e){return t(e={exports:{}},e.exports),e.exports}function e(t){return
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC16384INData Raw: 28 74 68 69 73 29 7d 7d 78 6e 28 72 2c 65 2c 6e 29 3b 76 61 72 20 63 2c 73 2c 66 2c 6c 3d 65 2b 22 20 49 74 65 72 61 74 6f 72 22 2c 68 3d 21 31 2c 70 3d 74 2e 70 72 6f 74 6f 74 79 70 65 2c 64 3d 70 5b 42 6e 5d 7c 7c 70 5b 22 40 40 69 74 65 72 61 74 6f 72 22 5d 7c 7c 6f 26 26 70 5b 6f 5d 2c 76 3d 21 4c 6e 26 26 64 7c 7c 75 28 6f 29 2c 79 3d 22 41 72 72 61 79 22 3d 3d 65 26 26 70 2e 65 6e 74 72 69 65 73 7c 7c 64 3b 69 66 28 79 26 26 28 63 3d 62 6e 28 79 2e 63 61 6c 6c 28 6e 65 77 20 74 29 29 29 21 3d 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 26 26 63 2e 6e 65 78 74 26 26 28 62 6e 28 63 29 21 3d 3d 46 6e 26 26 28 6b 6e 3f 6b 6e 28 63 2c 46 6e 29 3a 4f 28 63 5b 42 6e 5d 29 7c 7c 6c 65 28 63 2c 42 6e 2c 4f 6e 29 29 2c 45 6e 28 63 2c 6c 2c 21 30 29 29
                                                                                                                                                                                                                                                                                                                                  Data Ascii: (this)}}xn(r,e,n);var c,s,f,l=e+" Iterator",h=!1,p=t.prototype,d=p[Bn]||p["@@iterator"]||o&&p[o],v=!Ln&&d||u(o),y="Array"==e&&p.entries||d;if(y&&(c=bn(y.call(new t)))!==Object.prototype&&c.next&&(bn(c)!==Fn&&(kn?kn(c,Fn):O(c[Bn])||le(c,Bn,On)),En(c,l,!0))
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 24 28 74 68 69 73 29 2c 72 3d 53 6f 28 74 29 2c 6e 3d 75 28 61 2c 65 2c 72 29 3b 69 66 28 6e 2e 64 6f 6e 65 29 72 65 74 75 72 6e 20 6e 2e 76 61 6c 75 65 3b 76 61 72 20 6f 3d 65 2e 6c 61 73 74 49 6e 64 65 78 3b 6e 75 28 6f 2c 30 29 7c 7c 28 65 2e 6c 61 73 74 49 6e 64 65 78 3d 30 29 3b 76 61 72 20 69 3d 72 61 28 65 2c 72 29 3b 72 65 74 75 72 6e 20 6e 75 28 65 2e 6c 61 73 74 49 6e 64 65 78 2c 6f 29 7c 7c 28 65 2e 6c 61 73 74 49 6e 64 65 78 3d 6f 29 2c 6e 75 6c 6c 3d 3d 3d 69 3f 2d 31 3a 69 2e 69 6e 64 65 78 7d 5d 7d 29 3b 76 61 72 20 6f 75 3d 70 69 2e 55 4e 53 55 50 50 4f 52 54 45 44 5f 59 2c 69 75 3d 34 32 39 34 39 36 37 32 39 35 2c 61 75 3d 4d 61 74 68 2e 6d 69 6e 2c 75 75 3d 5b 5d 2e 70 75 73 68 2c 63 75 3d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: nction(t){var e=$(this),r=So(t),n=u(a,e,r);if(n.done)return n.value;var o=e.lastIndex;nu(o,0)||(e.lastIndex=0);var i=ra(e,r);return nu(e.lastIndex,o)||(e.lastIndex=o),null===i?-1:i.index}]});var ou=pi.UNSUPPORTED_Y,iu=4294967295,au=Math.min,uu=[].push,cu=
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC15405INData Raw: 3d 3d 72 26 26 28 65 2e 66 69 72 73 74 3d 6e 29 2c 65 2e 6c 61 73 74 3d 3d 72 26 26 28 65 2e 6c 61 73 74 3d 6f 29 2c 68 3f 65 2e 73 69 7a 65 2d 2d 3a 74 68 69 73 2e 73 69 7a 65 2d 2d 7d 72 65 74 75 72 6e 21 21 72 7d 2c 66 6f 72 45 61 63 68 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 66 6f 72 28 76 61 72 20 72 2c 6e 3d 75 28 74 68 69 73 29 2c 6f 3d 72 65 28 74 2c 31 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3f 65 3a 76 6f 69 64 20 30 29 3b 72 3d 72 3f 72 2e 6e 65 78 74 3a 6e 2e 66 69 72 73 74 3b 29 66 6f 72 28 6f 28 72 2e 76 61 6c 75 65 2c 72 2e 6b 65 79 2c 74 68 69 73 29 3b 72 26 26 72 2e 72 65 6d 6f 76 65 64 3b 29 72 3d 72 2e 70 72 65 76 69 6f 75 73 7d 2c 68 61 73 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 21 21 63 28 74 68 69 73
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ==r&&(e.first=n),e.last==r&&(e.last=o),h?e.size--:this.size--}return!!r},forEach:function(t,e){for(var r,n=u(this),o=re(t,1<arguments.length?e:void 0);r=r?r.next:n.first;)for(o(r.value,r.key,this);r&&r.removed;)r=r.previous},has:function(t){return!!c(this
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 6d 65 3d 74 7d 2c 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 7d 2c 6f 72 69 67 69 6e 3a 7b 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 7b 22 68 74 74 70 3a 22 3a 38 30 2c 22 68 74 74 70 73 3a 22 3a 34 34 33 2c 22 66 74 70 3a 22 3a 32 31 7d 5b 74 68 69 73 2e 5f 61 6e 63 68 6f 72 45 6c 65 6d 65 6e 74 2e 70 72 6f 74 6f 63 6f 6c 5d 2c 65 3d 74 68 69 73 2e 5f 61 6e 63 68 6f 72 45 6c 65 6d 65 6e 74 2e 70 6f 72 74 21 3d 74 26 26 22 22 21 3d 3d 74 68 69 73 2e 5f 61 6e 63 68 6f 72 45 6c 65 6d 65 6e 74 2e 70 6f 72 74 3b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 61 6e 63 68 6f 72 45 6c 65 6d 65 6e 74 2e 70 72 6f 74 6f 63 6f 6c 2b 22 2f 2f 22 2b 74 68 69 73 2e 5f 61 6e 63 68 6f 72 45 6c 65 6d 65 6e 74 2e 68 6f 73 74 6e 61 6d 65 2b 28 65 3f 22 3a 22 2b 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: me=t},enumerable:!0},origin:{get:function(){var t={"http:":80,"https:":443,"ftp:":21}[this._anchorElement.protocol],e=this._anchorElement.port!=t&&""!==this._anchorElement.port;return this._anchorElement.protocol+"//"+this._anchorElement.hostname+(e?":"+t
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC12398INData Raw: 70 72 6f 74 6f 74 79 70 65 3d 74 2e 70 72 6f 74 6f 74 79 70 65 2c 72 7d 28 4f 2e 4b 65 79 62 6f 61 72 64 45 76 65 6e 74 7c 7c 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 29 2c 66 28 4f 2c 22 4b 65 79 62 6f 61 72 64 45 76 65 6e 74 22 2c 7b 76 61 6c 75 65 3a 74 7d 29 2c 4b 65 79 62 6f 61 72 64 45 76 65 6e 74 21 3d 3d 74 26 26 28 4b 65 79 62 6f 61 72 64 45 76 65 6e 74 3d 74 29 7d 74 72 79 7b 6e 65 77 20 4d 6f 75 73 65 45 76 65 6e 74 28 22 5f 22 2c 7b 7d 29 7d 63 61 74 63 68 28 74 29 7b 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 74 2c 65 29 7b 6a 28 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 2c 22 4d 6f 75 73 65 45 76 65 6e 74 22 29 3b 76 61 72 20 72 3d 5f 2e 63 72 65 61 74 65 45 76 65 6e 74 28 22 4d 6f 75 73 65 45 76 65 6e 74 22
                                                                                                                                                                                                                                                                                                                                  Data Ascii: prototype=t.prototype,r}(O.KeyboardEvent||function(){}),f(O,"KeyboardEvent",{value:t}),KeyboardEvent!==t&&(KeyboardEvent=t)}try{new MouseEvent("_",{})}catch(t){t=function(t){function e(t,e){j(arguments.length,"MouseEvent");var r=_.createEvent("MouseEvent"
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC1321INData Raw: 68 74 2d 5f 2e 63 6c 69 65 6e 74 48 65 69 67 68 74 2d 4c 2d 44 3a 30 3b 69 66 28 63 3d 3d 3d 5f 29 55 3d 22 73 74 61 72 74 22 3d 3d 3d 6e 3f 53 3a 22 65 6e 64 22 3d 3d 3d 6e 3f 53 2d 68 3a 22 6e 65 61 72 65 73 74 22 3d 3d 3d 6e 3f 7a 6c 28 64 2c 64 2b 68 2c 68 2c 4c 2c 44 2c 64 2b 53 2c 64 2b 53 2b 79 2c 79 29 3a 53 2d 68 2f 32 2c 4e 3d 22 73 74 61 72 74 22 3d 3d 3d 6f 3f 78 3a 22 63 65 6e 74 65 72 22 3d 3d 3d 6f 3f 78 2d 6c 2f 32 3a 22 65 6e 64 22 3d 3d 3d 6f 3f 78 2d 6c 3a 7a 6c 28 70 2c 70 2b 6c 2c 6c 2c 46 2c 42 2c 70 2b 78 2c 70 2b 78 2b 67 2c 67 29 2c 55 3d 4d 61 74 68 2e 6d 61 78 28 30 2c 55 2b 64 29 2c 4e 3d 4d 61 74 68 2e 6d 61 78 28 30 2c 4e 2b 70 29 3b 65 6c 73 65 7b 55 3d 22 73 74 61 72 74 22 3d 3d 3d 6e 3f 53 2d 54 2d 4c 3a 22 65 6e 64 22 3d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ht-_.clientHeight-L-D:0;if(c===_)U="start"===n?S:"end"===n?S-h:"nearest"===n?zl(d,d+h,h,L,D,d+S,d+S+y,y):S-h/2,N="start"===o?x:"center"===o?x-l/2:"end"===o?x-l:zl(p,p+l,l,F,B,p+x,p+x+g,g),U=Math.max(0,U+d),N=Math.max(0,N+p);else{U="start"===n?S-T-L:"end"=


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  17192.168.2.74973252.85.205.1954437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC600OUTGET /cache/4666b7b10226b39c77768062c69b31c53897f9d3/telerik/js/dist/all.min.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: dtzbdy9anri2p.cloudfront.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC507INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                                                  Content-Length: 258132
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,max-age=31536000
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Thu, 21 Mar 2024 15:00:14 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Date: Sat, 20 Apr 2024 11:37:57 GMT
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 1822acd2fad68b4656551ad64acdb49a.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX50-C4
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: O-WW8u6HCR3u4Fgjme4htAd2ORuWux3xeqXy5WqXCls7v0PAULVTMg==
                                                                                                                                                                                                                                                                                                                                  Age: 301895
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC16384INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 4f 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 55 2c 65 2c 44 2c 56 2c 4e 2c 42 2c 48 2c 57 2c 71 2c 46 2c 4b 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 3f 67 6c 6f 62 61 6c 54 68 69 73 3a 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 3f 77 69 6e 64 6f 77 3a 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 3f 67 6c 6f 62 61 6c 3a 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 73 65 6c 66 3f 73 65 6c 66 3a 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 7a 28 74 29 7b 76 61 72 20 65 3d 37 2e 35 36 32 35 2c 6e 3d 32 2e 37 35 3b 72 65 74 75 72 6e 20 74 3c 31 2f 6e 3f 65 2a 74 2a 74 3a 74 3c 32 2f 6e 3f 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: !function(O){"use strict";var U,e,D,V,N,B,H,W,q,F,K="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};function z(t){var e=7.5625,n=2.75;return t<1/n?e*t*t:t<2/n?e
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:32 UTC16384INData Raw: 74 29 7b 7d 7d 72 65 74 75 72 6e 21 31 7d 66 75 6e 63 74 69 6f 6e 20 48 6e 28 6e 2c 74 2c 65 2c 69 29 7b 76 61 72 20 73 2c 72 3d 63 28 6e 29 2c 61 3d 21 67 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 7b 7d 3b 72 65 74 75 72 6e 20 74 5b 72 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 37 7d 2c 37 21 3d 22 22 5b 6e 5d 28 74 29 7d 29 2c 6f 3d 61 26 26 21 67 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 21 31 2c 65 3d 2f 61 2f 3b 72 65 74 75 72 6e 22 73 70 6c 69 74 22 3d 3d 3d 6e 26 26 28 28 65 3d 7b 63 6f 6e 73 74 72 75 63 74 6f 72 3a 7b 7d 7d 29 2e 63 6f 6e 73 74 72 75 63 74 6f 72 5b 42 6f 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 2c 65 2e 66 6c 61 67 73 3d 22 22 2c 65 5b 72 5d 3d 2f 2e 2f 5b 72 5d 29
                                                                                                                                                                                                                                                                                                                                  Data Ascii: t){}}return!1}function Hn(n,t,e,i){var s,r=c(n),a=!g(function(){var t={};return t[r]=function(){return 7},7!=""[n](t)}),o=a&&!g(function(){var t=!1,e=/a/;return"split"===n&&((e={constructor:{}}).constructor[Bo]=function(){return e},e.flags="",e[r]=/./[r])
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 6d 6f 3d 69 28 22 6e 61 74 69 76 65 2d 73 74 72 69 6e 67 2d 72 65 70 6c 61 63 65 22 2c 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 72 65 70 6c 61 63 65 29 2c 67 6f 3d 52 65 67 45 78 70 2e 70 72 6f 74 6f 74 79 70 65 2e 65 78 65 63 2c 76 6f 3d 67 6f 2c 79 6f 3d 62 28 22 22 2e 63 68 61 72 41 74 29 2c 62 6f 3d 62 28 22 22 2e 69 6e 64 65 78 4f 66 29 2c 77 6f 3d 62 28 22 22 2e 72 65 70 6c 61 63 65 29 2c 45 6f 3d 62 28 22 22 2e 73 6c 69 63 65 29 2c 53 6f 3d 28 64 3d 2f 62 2a 2f 67 2c 53 28 67 6f 2c 75 3d 2f 61 2f 2c 22 61 22 29 2c 53 28 67 6f 2c 64 2c 22 61 22 29 2c 30 21 3d 3d 75 2e 6c 61 73 74 49 6e 64 65 78 7c 7c 30 21 3d 3d 64 2e 6c 61 73 74 49 6e 64 65 78 29 2c 54 6f 3d 61 2e 42 52 4f 4b 45 4e 5f 43 41 52 45 54 2c 78 6f 3d 76 6f 69 64 20 30 21 3d 3d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: mo=i("native-string-replace",String.prototype.replace),go=RegExp.prototype.exec,vo=go,yo=b("".charAt),bo=b("".indexOf),wo=b("".replace),Eo=b("".slice),So=(d=/b*/g,S(go,u=/a/,"a"),S(go,d,"a"),0!==u.lastIndex||0!==d.lastIndex),To=a.BROKEN_CARET,xo=void 0!==
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC15410INData Raw: 62 6a 65 63 74 22 2c 73 74 61 74 3a 21 30 2c 66 6f 72 63 65 64 3a 21 66 7c 7c 61 2c 73 68 61 6d 3a 21 66 7d 2c 7b 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 72 65 74 75 72 6e 20 46 61 28 6a 74 28 74 29 2c 65 29 7d 7d 29 2c 76 28 7b 74 61 72 67 65 74 3a 22 4f 62 6a 65 63 74 22 2c 73 74 61 74 3a 21 30 2c 73 68 61 6d 3a 21 66 7d 2c 7b 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 73 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 66 6f 72 28 76 61 72 20 65 2c 6e 2c 69 3d 6a 74 28 74 29 2c 72 3d 70 65 2e 66 2c 6f 3d 71 65 28 69 29 2c 73 3d 7b 7d 2c 61 3d 30 3b 6f 2e 6c 65 6e 67 74 68 3e 61 3b 29 76 6f 69 64 20 30 21 3d 3d 28 6e 3d 72 28 69 2c 65 3d 6f 5b 61 2b 2b 5d 29
                                                                                                                                                                                                                                                                                                                                  Data Ascii: bject",stat:!0,forced:!f||a,sham:!f},{getOwnPropertyDescriptor:function(t,e){return Fa(jt(t),e)}}),v({target:"Object",stat:!0,sham:!f},{getOwnPropertyDescriptors:function(t){for(var e,n,i=jt(t),r=pe.f,o=qe(i),s={},a=0;o.length>a;)void 0!==(n=r(i,e=o[a++])
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC6396INData Raw: 7b 76 61 72 20 65 3d 74 68 69 73 5b 78 6c 5d 3b 72 65 74 75 72 6e 20 74 20 69 6e 20 65 3f 65 5b 74 5d 2e 73 6c 69 63 65 28 30 29 3a 5b 5d 7d 2c 74 2e 68 61 73 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 20 69 6e 20 74 68 69 73 5b 78 6c 5d 7d 2c 74 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 74 68 69 73 5b 78 6c 5d 5b 74 5d 3d 5b 22 22 2b 65 5d 7d 2c 74 2e 74 6f 53 74 72 69 6e 67 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 2c 65 2c 6e 2c 69 2c 72 3d 74 68 69 73 5b 78 6c 5d 2c 6f 3d 5b 5d 3b 66 6f 72 28 65 20 69 6e 20 72 29 66 6f 72 28 6e 3d 5f 6c 28 65 29 2c 74 3d 30 2c 69 3d 72 5b 65 5d 3b 74 3c 69 2e 6c 65 6e 67 74 68 3b 74 2b 2b 29 6f 2e 70 75 73 68 28 6e 2b 22 3d 22 2b 5f 6c 28 69 5b 74 5d 29 29 3b 72 65 74 75 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: {var e=this[xl];return t in e?e[t].slice(0):[]},t.has=function(t){return t in this[xl]},t.set=function(t,e){this[xl][t]=[""+e]},t.toString=function(){var t,e,n,i,r=this[xl],o=[];for(e in r)for(n=_l(e),t=0,i=r[e];t<i.length;t++)o.push(n+"="+_l(i[t]));retur
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 6f 62 28 5b 74 68 69 73 2e 5f 62 6f 64 79 54 65 78 74 5d 29 29 7d 2c 74 68 69 73 2e 61 72 72 61 79 42 75 66 66 65 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 62 6f 64 79 41 72 72 61 79 42 75 66 66 65 72 3f 65 75 28 74 68 69 73 29 7c 7c 50 72 6f 6d 69 73 65 2e 72 65 73 6f 6c 76 65 28 74 68 69 73 2e 5f 62 6f 64 79 41 72 72 61 79 42 75 66 66 65 72 29 3a 74 68 69 73 2e 62 6c 6f 62 28 29 2e 74 68 65 6e 28 69 75 29 7d 29 2c 74 68 69 73 2e 74 65 78 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 2c 65 2c 6e 3d 65 75 28 74 68 69 73 29 3b 69 66 28 6e 29 72 65 74 75 72 6e 20 6e 3b 69 66 28 74 68 69 73 2e 5f 62 6f 64 79 42 6c 6f 62 29 72 65 74 75 72 6e 20 6e 3d 74 68 69 73 2e 5f 62 6f 64 79 42 6c 6f 62 2c 74 3d 6e 65 77 20 46
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ob([this._bodyText]))},this.arrayBuffer=function(){return this._bodyArrayBuffer?eu(this)||Promise.resolve(this._bodyArrayBuffer):this.blob().then(iu)}),this.text=function(){var t,e,n=eu(this);if(n)return n;if(this._bodyBlob)return n=this._bodyBlob,t=new F
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC2804INData Raw: 74 65 64 53 74 79 6c 65 28 45 29 2c 49 3d 70 61 72 73 65 49 6e 74 28 50 2e 62 6f 72 64 65 72 4c 65 66 74 57 69 64 74 68 2c 31 30 29 2c 4f 3d 70 61 72 73 65 49 6e 74 28 50 2e 62 6f 72 64 65 72 54 6f 70 57 69 64 74 68 2c 31 30 29 2c 5f 3d 70 61 72 73 65 49 6e 74 28 50 2e 62 6f 72 64 65 72 52 69 67 68 74 57 69 64 74 68 2c 31 30 29 2c 50 3d 70 61 72 73 65 49 6e 74 28 50 2e 62 6f 72 64 65 72 42 6f 74 74 6f 6d 57 69 64 74 68 2c 31 30 29 2c 52 3d 30 2c 41 3d 30 2c 6a 3d 22 6f 66 66 73 65 74 57 69 64 74 68 22 69 6e 20 45 3f 45 2e 6f 66 66 73 65 74 57 69 64 74 68 2d 45 2e 63 6c 69 65 6e 74 57 69 64 74 68 2d 49 2d 5f 3a 30 2c 4d 3d 22 6f 66 66 73 65 74 48 65 69 67 68 74 22 69 6e 20 45 3f 45 2e 6f 66 66 73 65 74 48 65 69 67 68 74 2d 45 2e 63 6c 69 65 6e 74 48 65 69
                                                                                                                                                                                                                                                                                                                                  Data Ascii: tedStyle(E),I=parseInt(P.borderLeftWidth,10),O=parseInt(P.borderTopWidth,10),_=parseInt(P.borderRightWidth,10),P=parseInt(P.borderBottomWidth,10),R=0,A=0,j="offsetWidth"in E?E.offsetWidth-E.clientWidth-I-_:0,M="offsetHeight"in E?E.offsetHeight-E.clientHei
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 74 69 6f 6e 22 2c 7b 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 2c 77 72 69 74 61 62 6c 65 3a 21 30 2c 76 61 6c 75 65 3a 65 7d 29 7d 6f 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 53 74 72 69 6e 67 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 73 7d 3b 66 75 6e 63 74 69 6f 6e 20 73 28 74 29 7b 69 66 28 74 68 69 73 20 69 6e 73 74 61 6e 63 65 6f 66 20 73 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 53 79 6d 62 6f 6c 20 69 73 20 6e 6f 74 20 61 20 63 6f 6e 73 74 72 75 63 74 6f 72 22 29 3b 72 65 74 75 72 6e 20 6e 65 77 20 6f 28 22 6a 73 63 6f 6d 70 5f 73 79 6d 62 6f 6c 5f 22 2b 28 74 7c 7c 22 22 29 2b 22 5f 22 2b 61 2b 2b 2c 74 29 7d 76 61 72 20 61 2c 74 3b 61 3d 30 3b 66 75 6e 63 74 69 6f 6e 20 63 28 29 7b 72 28 29
                                                                                                                                                                                                                                                                                                                                  Data Ascii: tion",{configurable:!0,writable:!0,value:e})}o.prototype.toString=function(){return this.s};function s(t){if(this instanceof s)throw new TypeError("Symbol is not a constructor");return new o("jscomp_symbol_"+(t||"")+"_"+a++,t)}var a,t;a=0;function c(){r()
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC2804INData Raw: 6c 61 63 65 68 6f 6c 64 65 72 2c 74 68 69 73 2e 65 6c 65 6d 65 6e 74 29 29 7d 2c 6d 2e 70 72 6f 74 6f 74 79 70 65 2e 66 69 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 61 64 64 50 6c 61 63 65 68 6f 6c 64 65 72 28 29 2c 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 63 6c 61 73 73 4f 6e 6c 79 7c 7c 74 68 69 73 2e 63 73 73 28 7b 70 6f 73 69 74 69 6f 6e 3a 22 66 69 78 65 64 22 2c 74 6f 70 3a 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 74 6f 70 2b 22 70 78 22 2c 77 69 64 74 68 3a 74 68 69 73 2e 69 6e 69 74 69 61 6c 2e 77 69 64 74 68 2b 22 70 78 22 7d 29 2c 74 68 69 73 2e 65 6c 65 6d 65 6e 74 2e 63 6c 61 73 73 4c 69 73 74 2e 61 64 64 28 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 66 69 78 43 6c 61 73 73 29 2c 74 68 69 73 2e 66 69 78 65 64 3d 21 30 7d 2c 6d 2e 70 72 6f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: laceholder,this.element))},m.prototype.fix=function(){this.addPlaceholder(),this.options.classOnly||this.css({position:"fixed",top:this.options.top+"px",width:this.initial.width+"px"}),this.element.classList.add(this.options.fixClass),this.fixed=!0},m.pro
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:33 UTC16384INData Raw: 64 4f 6e 52 65 73 69 7a 65 2c 21 31 29 2c 28 65 7c 7c 6e 29 26 26 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 72 65 73 69 7a 65 22 2c 74 68 69 73 2e 62 6f 75 6e 64 53 77 69 74 63 68 48 61 6e 64 6c 65 72 2c 21 31 29 2c 21 65 7c 7c 69 3d 3d 3d 54 68 26 26 72 3d 3d 3d 54 68 7c 7c 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 72 65 73 69 7a 65 22 2c 74 68 69 73 2e 62 6f 75 6e 64 42 72 65 61 6b 70 6f 69 6e 74 48 61 6e 64 6c 65 72 2c 21 31 29 2c 74 68 69 73 2e 72 65 73 65 74 28 29 2c 74 68 69 73 2e 5f 73 77 69 74 63 68 65 64 4f 6e 3d 21 30 29 7d 2c 6d 2e 70 72 6f 74 6f 74 79 70 65 2e 74 75 72 6e 4f 66 66 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 5f 73 77 69 74 63 68 65 64 4f 6e 26 26 28 77 69
                                                                                                                                                                                                                                                                                                                                  Data Ascii: dOnResize,!1),(e||n)&&window.addEventListener("resize",this.boundSwitchHandler,!1),!e||i===Th&&r===Th||window.addEventListener("resize",this.boundBreakpointHandler,!1),this.reset(),this._switchedOn=!0)},m.prototype.turnOff=function(){this._switchedOn&&(wi


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  18192.168.2.749734104.19.178.524437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:34 UTC631OUTGET /consent/3dfce4f2-dab6-4128-9f33-df7e0597da82/3dfce4f2-dab6-4128-9f33-df7e0597da82.json HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC902INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:35 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-javascript
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  CF-Ray: 8791a2f19c16a982-LAS
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Age: 75610
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=86400
                                                                                                                                                                                                                                                                                                                                  Expires: Wed, 24 Apr 2024 23:29:34 GMT
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Thu, 11 Apr 2024 13:50:46 GMT
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                  Content-MD5: sAZNi3VzA3Nlloh5BZ+ycA==
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                  x-ms-request-id: 690fef81-801e-00a7-3117-8cd141000000
                                                                                                                                                                                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC467INData Raw: 31 32 66 32 0d 0a 7b 22 43 6f 6f 6b 69 65 53 50 41 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 43 6f 6f 6b 69 65 53 61 6d 65 53 69 74 65 4e 6f 6e 65 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 43 6f 6f 6b 69 65 56 32 43 53 50 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 4d 75 6c 74 69 56 61 72 69 61 6e 74 54 65 73 74 69 6e 67 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 55 73 65 56 32 22 3a 74 72 75 65 2c 22 4d 6f 62 69 6c 65 53 44 4b 22 3a 66 61 6c 73 65 2c 22 53 6b 69 70 47 65 6f 6c 6f 63 61 74 69 6f 6e 22 3a 66 61 6c 73 65 2c 22 53 63 72 69 70 74 54 79 70 65 22 3a 22 50 52 4f 44 55 43 54 49 4f 4e 22 2c 22 56 65 72 73 69 6f 6e 22 3a 22 32 30 32 34 30 31 2e 32 2e 30 22 2c 22 4f 70 74 61 6e 6f 6e 44 61 74 61 4a 53 4f 4e 22 3a 22 33 64 66 63
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 12f2{"CookieSPAEnabled":false,"CookieSameSiteNoneEnabled":false,"CookieV2CSPEnabled":false,"MultiVariantTestingEnabled":false,"UseV2":true,"MobileSDK":false,"SkipGeolocation":false,"ScriptType":"PRODUCTION","Version":"202401.2.0","OptanonDataJSON":"3dfc
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC1369INData Raw: 74 22 3a 5b 7b 22 49 64 22 3a 22 63 33 34 39 35 38 35 35 2d 66 66 63 33 2d 34 65 36 38 2d 38 31 31 62 2d 62 35 64 38 32 30 31 61 63 35 33 63 22 2c 22 4e 61 6d 65 22 3a 22 43 61 6c 69 66 6f 72 6e 69 61 22 2c 22 43 6f 75 6e 74 72 69 65 73 22 3a 5b 5d 2c 22 53 74 61 74 65 73 22 3a 7b 22 75 73 22 3a 5b 22 63 61 22 5d 7d 2c 22 4c 61 6e 67 75 61 67 65 53 77 69 74 63 68 65 72 50 6c 61 63 65 68 6f 6c 64 65 72 22 3a 7b 22 64 65 66 61 75 6c 74 22 3a 22 65 6e 22 7d 2c 22 42 61 6e 6e 65 72 50 75 73 68 65 73 44 6f 77 6e 22 3a 66 61 6c 73 65 2c 22 44 65 66 61 75 6c 74 22 3a 66 61 6c 73 65 2c 22 47 6c 6f 62 61 6c 22 3a 66 61 6c 73 65 2c 22 54 79 70 65 22 3a 22 47 44 50 52 22 2c 22 55 73 65 47 6f 6f 67 6c 65 56 65 6e 64 6f 72 73 22 3a 66 61 6c 73 65 2c 22 56 61 72 69 61
                                                                                                                                                                                                                                                                                                                                  Data Ascii: t":[{"Id":"c3495855-ffc3-4e68-811b-b5d8201ac53c","Name":"California","Countries":[],"States":{"us":["ca"]},"LanguageSwitcherPlaceholder":{"default":"en"},"BannerPushesDown":false,"Default":false,"Global":false,"Type":"GDPR","UseGoogleVendors":false,"Varia
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC1369INData Raw: 22 73 68 22 2c 22 73 6a 22 2c 22 62 79 22 2c 22 62 7a 22 2c 22 73 6c 22 2c 22 73 6e 22 2c 22 73 6f 22 2c 22 63 61 22 2c 22 73 72 22 2c 22 73 73 22 2c 22 63 63 22 2c 22 73 74 22 2c 22 63 64 22 2c 22 73 76 22 2c 22 63 66 22 2c 22 63 67 22 2c 22 73 78 22 2c 22 63 69 22 2c 22 73 79 22 2c 22 73 7a 22 2c 22 63 6b 22 2c 22 63 6c 22 2c 22 63 6d 22 2c 22 63 6e 22 2c 22 63 6f 22 2c 22 63 72 22 2c 22 74 63 22 2c 22 74 64 22 2c 22 63 75 22 2c 22 74 66 22 2c 22 63 76 22 2c 22 74 67 22 2c 22 74 68 22 2c 22 63 77 22 2c 22 63 78 22 2c 22 74 6a 22 2c 22 74 6b 22 2c 22 74 6c 22 2c 22 74 6d 22 2c 22 74 6e 22 2c 22 74 6f 22 2c 22 74 72 22 2c 22 74 74 22 2c 22 74 76 22 2c 22 74 77 22 2c 22 64 6a 22 2c 22 74 7a 22 2c 22 64 6d 22 2c 22 64 6f 22 2c 22 75 61 22 2c 22 75 67 22 2c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: "sh","sj","by","bz","sl","sn","so","ca","sr","ss","cc","st","cd","sv","cf","cg","sx","ci","sy","sz","ck","cl","cm","cn","co","cr","tc","td","cu","tf","cv","tg","th","cw","cx","tj","tk","tl","tm","tn","to","tr","tt","tv","tw","dj","tz","dm","do","ua","ug",
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC1369INData Raw: 3a 6e 75 6c 6c 2c 22 76 65 6e 64 6f 72 4c 69 73 74 56 65 72 73 69 6f 6e 22 3a 30 2c 22 6d 61 78 56 65 6e 64 6f 72 49 64 22 3a 30 2c 22 65 6e 63 6f 64 69 6e 67 54 79 70 65 22 3a 22 30 22 2c 22 67 6c 6f 62 61 6c 56 65 6e 64 6f 72 4c 69 73 74 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 63 6f 6f 6b 69 65 6c 61 77 2e 6f 72 67 2f 76 65 6e 64 6f 72 6c 69 73 74 2f 69 61 62 44 61 74 61 2e 6a 73 6f 6e 22 7d 2c 22 49 61 62 56 32 44 61 74 61 22 3a 7b 22 63 6f 6f 6b 69 65 56 65 72 73 69 6f 6e 22 3a 22 31 22 2c 22 63 72 65 61 74 65 64 54 69 6d 65 22 3a 22 32 30 32 34 2d 30 34 2d 31 31 54 31 33 3a 35 30 3a 34 36 2e 31 32 31 37 39 32 38 30 32 22 2c 22 75 70 64 61 74 65 64 54 69 6d 65 22 3a 22 32 30 32 34 2d 30 34 2d 31 31 54 31 33 3a 35 30 3a 34 36 2e 31 32 31
                                                                                                                                                                                                                                                                                                                                  Data Ascii: :null,"vendorListVersion":0,"maxVendorId":0,"encodingType":"0","globalVendorListUrl":"https://cdn.cookielaw.org/vendorlist/iabData.json"},"IabV2Data":{"cookieVersion":"1","createdTime":"2024-04-11T13:50:46.121792802","updatedTime":"2024-04-11T13:50:46.121
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC284INData Raw: 34 38 65 22 2c 22 45 6e 76 49 64 22 3a 22 61 70 70 2d 70 72 6f 64 22 2c 22 52 65 6d 6f 74 65 41 63 74 69 6f 6e 73 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 47 65 6f 52 75 6c 65 47 72 6f 75 70 4e 61 6d 65 22 3a 22 54 65 6c 65 72 69 6b 2e 43 6f 6d 20 43 6f 6e 73 65 6e 74 20 50 6f 6c 69 63 79 22 2c 22 47 41 54 72 61 63 6b 54 6f 67 67 6c 65 22 3a 74 72 75 65 2c 22 47 41 54 72 61 63 6b 41 73 73 69 67 6e 65 64 43 61 74 65 67 6f 72 79 22 3a 22 41 53 22 2c 22 57 65 62 46 6f 72 6d 49 6e 74 65 67 72 61 74 69 6f 6e 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 57 65 62 46 6f 72 6d 53 72 63 55 72 6c 22 3a 22 22 2c 22 57 65 62 46 6f 72 6d 57 6f 72 6b 65 72 55 72 6c 22 3a 22 22 2c 22 47 70 70 44 61 74 61 22 3a 7b 22 63 6d 70 49 64 22 3a 22 32 38 22 7d 2c 22 41
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 48e","EnvId":"app-prod","RemoteActionsEnabled":false,"GeoRuleGroupName":"Telerik.Com Consent Policy","GATrackToggle":true,"GATrackAssignedCategory":"AS","WebFormIntegrationEnabled":false,"WebFormSrcUrl":"","WebFormWorkerUrl":"","GppData":{"cmpId":"28"},"A
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  19192.168.2.74973550.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:34 UTC647OUTGET /webapi/Announcements/GetPromo?url=https://www.telerik.com/download/fiddler/first-run HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC452INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Length: 35
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:35 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC35INData Raw: 7b 22 63 6f 6e 74 65 6e 74 22 3a 7b 22 70 72 6f 6d 6f 56 69 65 77 4d 6f 64 65 6c 22 3a 6e 75 6c 6c 7d 7d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: {"content":{"promoViewModel":null}}


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  20192.168.2.749737152.195.19.974437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC598OUTGET /sdk/sitefinity-insight-client.min.3.1.13.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: cdn.insight.sitefinity.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC678INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Access-Control-Expose-Headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
                                                                                                                                                                                                                                                                                                                                  Age: 113385
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=604800
                                                                                                                                                                                                                                                                                                                                  Content-MD5: btCDptxYjdu7fLqqCwldEg==
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:35 GMT
                                                                                                                                                                                                                                                                                                                                  Etag: 0x8DC62A04B09F5D1
                                                                                                                                                                                                                                                                                                                                  Expires: Tue, 30 Apr 2024 23:29:35 GMT
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Mon, 22 Apr 2024 07:46:17 GMT
                                                                                                                                                                                                                                                                                                                                  Server: ECAcc (lac/55D9)
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  X-Cache: HIT
                                                                                                                                                                                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                  x-ms-request-id: 531f3450-801e-0017-7fce-948e16000000
                                                                                                                                                                                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                  Content-Length: 51997
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC16383INData Raw: 76 61 72 20 73 66 44 61 74 61 49 6e 74 65 6c 6c 3d 73 66 44 61 74 61 49 6e 74 65 6c 6c 7c 7c 7b 7d 3b 73 66 44 61 74 61 49 6e 74 65 6c 6c 2e 63 6f 6e 73 74 61 6e 74 73 3d 7b 73 64 6b 56 65 72 73 69 6f 6e 3a 22 6a 73 2d 33 2e 31 2e 33 36 22 2c 63 6f 6f 6b 69 65 4e 61 6d 65 3a 22 73 66 2d 64 61 74 61 2d 69 6e 74 65 6c 6c 2d 73 75 62 6a 65 63 74 22 2c 64 6f 63 73 43 6f 6f 6b 69 65 4e 61 6d 65 3a 22 73 66 2d 69 6e 73 2d 6c 73 74 2d 64 6f 63 2d 74 72 63 6b 64 22 2c 73 65 73 73 69 6f 6e 43 6f 6f 6b 69 65 4e 61 6d 65 3a 22 73 66 2d 69 6e 73 2d 73 73 69 64 22 2c 70 61 67 65 56 69 73 69 74 49 64 43 6f 6f 6b 69 65 4e 61 6d 65 3a 22 73 66 2d 69 6e 73 2d 70 76 2d 69 64 22 2c 73 66 54 72 61 63 6b 69 6e 67 49 64 73 53 74 6f 72 61 67 65 4b 65 79 3a 22 73 66 2d 74 72 2d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: var sfDataIntell=sfDataIntell||{};sfDataIntell.constants={sdkVersion:"js-3.1.36",cookieName:"sf-data-intell-subject",docsCookieName:"sf-ins-lst-doc-trckd",sessionCookieName:"sf-ins-ssid",pageVisitIdCookieName:"sf-ins-pv-id",sfTrackingIdsStorageKey:"sf-tr-
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC16383INData Raw: 44 6f 6d 61 69 6e 54 72 61 63 6b 69 6e 67 48 75 62 49 6e 73 74 72 75 6d 65 6e 74 61 74 69 6f 6e 55 72 6c 2c 63 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 2c 62 29 2c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 6f 63 75 6d 65 6e 74 2e 68 61 73 53 74 6f 72 61 67 65 41 63 63 65 73 73 3f 63 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 73 61 6e 64 62 6f 78 22 2c 22 61 6c 6c 6f 77 2d 73 74 6f 72 61 67 65 2d 61 63 63 65 73 73 2d 62 79 2d 75 73 65 72 2d 61 63 74 69 76 61 74 69 6f 6e 20 61 6c 6c 6f 77 2d 73 63 72 69 70 74 73 20 61 6c 6c 6f 77 2d 73 61 6d 65 2d 6f 72 69 67 69 6e 22 29 3a 63 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 68 69 64 64 65 6e 22 2c 22 68 69 64 64 65 6e 22 29 3b 76 61 72 20 64 3d 74 68 69 73 3b 74 68 69 73 2e 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: DomainTrackingHubInstrumentationUrl,c.setAttribute("id",b),"function"==typeof document.hasStorageAccess?c.setAttribute("sandbox","allow-storage-access-by-user-activation allow-scripts allow-same-origin"):c.setAttribute("hidden","hidden");var d=this;this.r
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC16383INData Raw: 61 2e 63 6f 6e 74 65 6e 74 4d 65 74 61 64 61 74 61 2c 74 68 69 73 2e 6f 62 6a 4d 65 74 61 64 61 74 61 2e 54 69 74 6c 65 26 26 61 2e 64 6f 63 75 6d 65 6e 74 54 69 74 6c 65 26 26 74 68 69 73 2e 6f 62 6a 4d 65 74 61 64 61 74 61 2e 54 69 74 6c 65 21 3d 3d 61 2e 64 6f 63 75 6d 65 6e 74 54 69 74 6c 65 26 26 28 74 68 69 73 2e 6f 62 6a 4d 65 74 61 64 61 74 61 2e 44 6f 63 75 6d 65 6e 74 54 69 74 6c 65 3d 61 2e 64 6f 63 75 6d 65 6e 74 54 69 74 6c 65 29 29 7d 2c 61 2e 45 6e 67 61 67 65 6d 65 6e 74 54 72 61 63 6b 65 72 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 5f 72 65 73 65 74 45 6e 67 61 67 65 6d 65 6e 74 54 72 61 63 6b 69 6e 67 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 6c 61 73 74 56 69 73 69 62 69 6c 69 74 79 54 69 6d 65 73 74 61 6d 70 3d 28 6e 65 77 20 44 61
                                                                                                                                                                                                                                                                                                                                  Data Ascii: a.contentMetadata,this.objMetadata.Title&&a.documentTitle&&this.objMetadata.Title!==a.documentTitle&&(this.objMetadata.DocumentTitle=a.documentTitle))},a.EngagementTracker.prototype={_resetEngagementTracking:function(){this.lastVisibilityTimestamp=(new Da
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC2848INData Raw: 2c 62 29 7b 74 68 69 73 2e 73 65 6e 74 65 6e 63 65 43 6c 69 65 6e 74 2e 77 72 69 74 65 53 65 6e 74 65 6e 63 65 28 7b 6d 61 70 70 65 64 54 6f 3a 5b 7b 53 3a 61 2c 44 53 3a 62 7d 5d 7d 29 7d 7d 7d 28 73 66 44 61 74 61 49 6e 74 65 6c 6c 29 3b 76 61 72 20 73 66 44 61 74 61 49 6e 74 65 6c 6c 3d 73 66 44 61 74 61 49 6e 74 65 6c 6c 7c 7c 7b 7d 3b 21 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 2e 50 61 67 65 4d 65 74 61 64 61 74 61 53 74 6f 72 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 73 69 7a 65 4c 69 6d 69 74 65 72 3d 31 65 33 2c 74 68 69 73 2e 6c 6f 63 61 6c 53 74 6f 72 61 67 65 4b 65 79 3d 22 44 65 63 50 61 67 65 4d 65 74 61 64 61 74 61 5f 22 2b 61 2c 74 68 69 73 2e 69 6e 64 65 78 65 72 3d 5b 5d 2c 74 68 69 73 2e 76 61 6c 75 65 43 6f 6e 74 61 69 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ,b){this.sentenceClient.writeSentence({mappedTo:[{S:a,DS:b}]})}}}(sfDataIntell);var sfDataIntell=sfDataIntell||{};!function(a){a.PageMetadataStore=function(a){this.sizeLimiter=1e3,this.localStorageKey="DecPageMetadata_"+a,this.indexer=[],this.valueContain


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  21192.168.2.74973852.85.205.1954437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC731OUTGET /cache/b6ce06a57a51347c21d7af30873baa8620408fd6/telerik/iconfont/tlrk-icon-font-dc6cff9dd8.woff2 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: dtzbdy9anri2p.cloudfront.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: font
                                                                                                                                                                                                                                                                                                                                  Referer: https://dtzbdy9anri2p.cloudfront.net/cache/b6ce06a57a51347c21d7af30873baa8620408fd6/telerik/css/style.css
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC504INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: font/woff2
                                                                                                                                                                                                                                                                                                                                  Content-Length: 12164
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,max-age=31536000
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Thu, 21 Mar 2024 15:00:12 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Date: Thu, 28 Mar 2024 11:54:50 GMT
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 611c5d5bfc56f00ceee3056521dd94aa.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX50-C4
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: z3DQcPyBB1p7mzMA-IfEoKmmj777lbxo3jOmLOG8uDk0wF7JdXlvOw==
                                                                                                                                                                                                                                                                                                                                  Age: 2288085
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC12164INData Raw: 77 4f 46 32 00 01 00 00 00 00 2f 84 00 0b 00 00 00 00 6c e8 00 00 2f 32 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1c 54 06 56 00 8e 20 0a 81 b4 54 81 9b 1d 01 36 02 24 03 83 28 0b 81 56 00 04 20 05 84 5e 07 89 2d 1b 93 5e 65 86 18 6c 1c 00 23 f3 be b0 22 2a 56 c5 28 4a e6 a8 94 fd ff e7 04 69 63 98 e6 ca 53 8a a8 9b 62 22 54 ac 52 c7 dd b6 2f 1d 9d 78 da 81 bf 2d a1 22 7a 52 96 c3 df d9 fb 85 15 d1 c4 90 89 20 a5 d2 8a 11 0a 33 75 3c 6e ab ca 4c c6 fb fd 3f f7 fa 1a e9 33 ad 83 5d 0c 76 48 52 34 21 80 35 77 2f 33 44 75 a8 69 2b f4 42 c8 57 ea e0 01 f6 97 ef 43 68 07 0f 1d f0 8d ae 7d 21 24 13 00 87 ed 7e fa 5a bb 49 11 44 af 81 97 69 02 65 09 6e d0 02 00 0a b7 dd 7e 14 80 8a b1 98 a2 85 19 b5 38 8b 17 6a 72 78 5e cf 5e fc b0
                                                                                                                                                                                                                                                                                                                                  Data Ascii: wOF2/l/2TV T6$(V ^-^el#"*V(JicSb"TR/x-"zR 3u<nL?3]vHR4!5w/3Dui+BWCh}!$~ZIDien~8jrx^^


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  22192.168.2.749739108.139.9.184437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC673OUTGET /Frontend-Assembly/Web.SitefinityExtensions.EloquaConnector/Scripts/BrowserSessionStorage.min.js?package=PureMvc&v=Q2NzWmRUZmg5UHpIS3RyRDhtYkJmUT09 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: d585tldpucybw.cloudfront.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC779INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                                                  Content-Length: 667
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Wed, 03 Apr 2024 14:36:44 GMT
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=74769
                                                                                                                                                                                                                                                                                                                                  Expires: Tue, 30 Apr 2024 11:10:35 GMT
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 14:24:25 GMT
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding,Cookie
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 22d43bf299ac98b08849f5a01a8af246.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: SFO5-P2
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: DTzHdNUqUsXLsOY4ihTeBHeqQB69J1CfvrNjkgadj8j8SWJJyYW9PQ==
                                                                                                                                                                                                                                                                                                                                  Age: 32709
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC667INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6e 3d 22 62 73 63 22 3b 66 75 6e 63 74 69 6f 6e 20 69 28 6e 29 7b 66 6f 72 28 76 61 72 20 72 3d 6e 2b 22 3d 22 2c 66 3d 64 65 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 29 2c 75 3d 66 2e 73 70 6c 69 74 28 22 3b 22 29 2c 69 3d 30 3b 69 3c 75 2e 6c 65 6e 67 74 68 3b 69 2b 2b 29 7b 66 6f 72 28 76 61 72 20 74 3d 75 5b 69 5d 3b 74 2e 63 68 61 72 41 74 28 30 29 3d 3d 3d 22 20 22 3b 29 74 3d 74 2e 73 75 62 73 74 72 69 6e 67 28 31 29 3b 69 66 28 74 2e 69 6e 64 65 78 4f 66 28 72 29 3d 3d 3d 30 29 72 65 74 75 72 6e 20 74 2e 73 75 62 73 74 72 69 6e 67 28 72 2e 6c 65 6e 67 74 68 2c 74 2e 6c 65 6e 67 74 68 29 7d 72 65 74 75 72 6e 20 6e 75 6c 6c 7d 66 75 6e 63 74 69 6f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: (function(){var n="bsc";function i(n){for(var r=n+"=",f=decodeURIComponent(document.cookie),u=f.split(";"),i=0;i<u.length;i++){for(var t=u[i];t.charAt(0)===" ";)t=t.substring(1);if(t.indexOf(r)===0)return t.substring(r.length,t.length)}return null}functio


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  23192.168.2.749740108.139.9.184437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC677OUTGET /Frontend-Assembly/Web.SitefinityExtensions.EloquaConnector/Scripts/SetBrowserSessionStorage.min.js?package=PureMvc&v=ZGx1bUU2RnZ6Tmd0d21DTm10M2ZHUT09) HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: d585tldpucybw.cloudfront.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC779INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                                                  Content-Length: 988
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Wed, 03 Apr 2024 14:36:44 GMT
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=62948
                                                                                                                                                                                                                                                                                                                                  Expires: Tue, 30 Apr 2024 12:09:30 GMT
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 18:40:21 GMT
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding,Cookie
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 e124ba8d7ba1d81e2fdc59ac89f11b70.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: SFO5-P2
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: WbweAK6y0y7XYLXuhIZZvbEOkKzZVae0kotPUUMCqyPX4c9PiQTr5A==
                                                                                                                                                                                                                                                                                                                                  Age: 17353
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:35 UTC988INData Raw: 77 69 6e 64 6f 77 2e 69 6e 76 6f 6b 65 54 72 61 63 6b 69 6e 67 53 63 72 69 70 74 28 74 68 69 73 2c 4f 70 74 61 6e 6f 6e 47 72 6f 75 70 73 2e 50 65 72 66 6f 72 6d 61 6e 63 65 43 6f 6f 6b 69 65 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 69 3d 22 61 64 57 6f 72 64 73 44 61 74 61 22 2c 6e 3d 22 65 78 70 54 72 61 63 6b 69 6e 67 22 3b 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 7d 77 69 6e 64 6f 77 2e 62 72 6f 77 73 65 72 53 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 2e 72 65 61 64 28 6e 29 3b 66 75 6e 63 74 69 6f 6e 20 6f 28 74 2c 69 29 7b 76 61 72 20 72 3d 77 69 6e 64 6f 77 2e 62 72 6f 77 73 65 72 53 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 2e 72 65 61 64 28 6e 29 3b 72 3d 72 3f 72 3a 7b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: window.invokeTrackingScript(this,OptanonGroups.PerformanceCookies,function(){var i="adWordsData",n="expTracking";function e(){dataLayer.push(arguments)}window.browserSessionStorage.read(n);function o(t,i){var r=window.browserSessionStorage.read(n);r=r?r:{


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  24192.168.2.74974150.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:37 UTC1152OUTGET /RestApi/personalizations/render?pageNodeId=5ceb4be1-05bd-4c69-892a-2c2bbd37538b&pageDataId=1f960fad-aef2-4475-8978-52fb7a29dbc9&pageNodeKey=5CEB4BE1-05BD-4C69-892A-2C2BBD37538B/b31ca85c-a1c5-4a9d-8b5d-e7b0736a8b16/SitefinitySiteMap&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&controls=09f9bb4f-5990-40af-b361-7849c73c9604_1,0cd3f511-e7d9-4e23-8773-26005ae09893_1,25637a62-a321-49a0-8b7e-5962dc977e95_1,6b5ac4dc-8fd0-4043-bd0a-e9ffd31e3bc8_1&correlationId=lvd0q0oezinv502q4f HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  SF_NO_URL_REFERER: true
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Accept: application/json
                                                                                                                                                                                                                                                                                                                                  X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC467INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  Vary: Accept
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:36 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 953
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC953INData Raw: 5b 7b 22 43 6f 6e 74 72 6f 6c 49 64 22 3a 22 30 39 66 39 62 62 34 66 2d 35 39 39 30 2d 34 30 61 66 2d 62 33 36 31 2d 37 38 34 39 63 37 33 63 39 36 30 34 22 2c 22 43 6f 6e 74 65 6e 74 22 3a 22 3c 68 72 20 63 6c 61 73 73 3d 5c 22 75 2d 6d 74 34 20 75 2d 6d 62 36 5c 22 20 2f 3e 3c 68 32 3e 44 6f 20 79 6f 75 20 6e 65 65 64 20 74 6f 20 62 75 69 6c 64 20 63 6f 6d 70 6c 65 78 20 55 49 20 66 61 73 74 3f 20 3c 2f 68 32 3e 22 7d 2c 7b 22 43 6f 6e 74 72 6f 6c 49 64 22 3a 22 30 63 64 33 66 35 31 31 2d 65 37 64 39 2d 34 65 32 33 2d 38 37 37 33 2d 32 36 30 30 35 61 65 30 39 38 39 33 22 2c 22 43 6f 6e 74 65 6e 74 22 3a 22 5c 72 5c 6e 5c 72 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 5c 22 75 2d 74 61 72 5c 22 3e 5c 72 5c 6e 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                  Data Ascii: [{"ControlId":"09f9bb4f-5990-40af-b361-7849c73c9604","Content":"<hr class=\"u-mt4 u-mb6\" /><h2>Do you need to build complex UI fast? </h2>"},{"ControlId":"0cd3f511-e7d9-4e23-8773-26005ae09893","Content":"\r\n\r\n <div class=\"u-tar\">\r\n


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  25192.168.2.749742104.18.32.1374437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:37 UTC597OUTGET /cookieconsentpub/v1/geo/location HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: geolocation.onetrust.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  accept: application/json
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:37 UTC370INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:37 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Content-Length: 67
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET, OPTIONS
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  CF-RAY: 8791a3022a8209fd-LAS
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:37 UTC67INData Raw: 7b 22 63 6f 75 6e 74 72 79 22 3a 22 55 53 22 2c 22 73 74 61 74 65 22 3a 22 4e 56 22 2c 22 73 74 61 74 65 4e 61 6d 65 22 3a 22 4e 65 76 61 64 61 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 22 3a 22 4e 41 22 7d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: {"country":"US","state":"NV","stateName":"Nevada","continent":"NA"}


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  26192.168.2.749744104.19.178.524437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC557OUTGET /scripttemplates/202401.2.0/otBannerSdk.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC815INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:38 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-MD5: ekgyiOgvSPjNzcyXVUS11Q==
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Thu, 07 Mar 2024 11:26:28 GMT
                                                                                                                                                                                                                                                                                                                                  x-ms-request-id: e31c6377-501e-009b-7f34-71f886000000
                                                                                                                                                                                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=86400
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                  Age: 35182
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  CF-RAY: 8791a308a92809fd-LAS
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC554INData Raw: 37 63 37 32 0d 0a 2f 2a 2a 20 0a 20 2a 20 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 0a 20 2a 20 76 32 30 32 34 30 31 2e 32 2e 30 0a 20 2a 20 62 79 20 4f 6e 65 54 72 75 73 74 20 4c 4c 43 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 32 34 20 0a 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 4e 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 28 4e 3d 4f 62 6a 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 7c 7c 28 7b 5f 5f 70 72 6f 74 6f 5f 5f 3a 5b 5d 7d 69 6e 73 74 61 6e 63 65 6f 66 20 41 72 72 61 79 3f 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 65 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 74 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 6f 20 69 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 7c72/** * onetrust-banner-sdk * v202401.2.0 * by OneTrust LLC * Copyright 2024 */!function(){"use strict";var N=function(e,t){return(N=Object.setPrototypeOf||({__proto__:[]}instanceof Array?function(e,t){e.__proto__=t}:function(e,t){for(var o in
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC1369INData Raw: 6f 74 79 70 65 2c 6e 65 77 20 6f 29 7d 76 61 72 20 48 2c 52 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 28 52 3d 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 74 2c 6f 3d 31 2c 6e 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 6f 3c 6e 3b 6f 2b 2b 29 66 6f 72 28 76 61 72 20 72 20 69 6e 20 74 3d 61 72 67 75 6d 65 6e 74 73 5b 6f 5d 29 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 74 2c 72 29 26 26 28 65 5b 72 5d 3d 74 5b 72 5d 29 3b 72 65 74 75 72 6e 20 65 7d 29 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 3b 66 75 6e 63 74 69 6f 6e 20 46 28 65 2c 73 2c 61 2c 6c 29 7b 72 65 74 75 72 6e 20 6e 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: otype,new o)}var H,R=function(){return(R=Object.assign||function(e){for(var t,o=1,n=arguments.length;o<n;o++)for(var r in t=arguments[o])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e}).apply(this,arguments)};function F(e,s,a,l){return ne
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC1369INData Raw: 6c 2e 6c 61 62 65 6c 3c 61 5b 32 5d 29 29 7b 61 5b 32 5d 26 26 6c 2e 6f 70 73 2e 70 6f 70 28 29 2c 6c 2e 74 72 79 73 2e 70 6f 70 28 29 3b 63 6f 6e 74 69 6e 75 65 7d 6c 2e 6c 61 62 65 6c 3d 61 5b 32 5d 2c 6c 2e 6f 70 73 2e 70 75 73 68 28 74 29 7d 7d 74 3d 72 2e 63 61 6c 6c 28 6e 2c 6c 29 7d 63 61 74 63 68 28 65 29 7b 74 3d 5b 36 2c 65 5d 2c 73 3d 30 7d 66 69 6e 61 6c 6c 79 7b 69 3d 61 3d 30 7d 69 66 28 35 26 74 5b 30 5d 29 74 68 72 6f 77 20 74 5b 31 5d 3b 72 65 74 75 72 6e 7b 76 61 6c 75 65 3a 74 5b 30 5d 3f 74 5b 31 5d 3a 76 6f 69 64 20 30 2c 64 6f 6e 65 3a 21 30 7d 7d 7d 7d 66 75 6e 63 74 69 6f 6e 20 71 28 29 7b 66 6f 72 28 76 61 72 20 65 3d 30 2c 74 3d 30 2c 6f 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 74 3c 6f 3b 74 2b 2b 29 65 2b 3d 61 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: l.label<a[2])){a[2]&&l.ops.pop(),l.trys.pop();continue}l.label=a[2],l.ops.push(t)}}t=r.call(n,l)}catch(e){t=[6,e],s=0}finally{i=a=0}if(5&t[0])throw t[1];return{value:t[0]?t[1]:void 0,done:!0}}}}function q(){for(var e=0,t=0,o=arguments.length;t<o;t++)e+=ar
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC1369INData Raw: 63 65 6f 66 20 4b 29 72 65 74 75 72 6e 20 74 2e 5f 73 74 61 74 65 3d 33 2c 74 2e 5f 76 61 6c 75 65 3d 65 2c 76 6f 69 64 20 58 28 74 29 3b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 6f 29 72 65 74 75 72 6e 20 76 6f 69 64 20 24 28 28 6e 3d 6f 2c 72 3d 65 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 61 70 70 6c 79 28 72 2c 61 72 67 75 6d 65 6e 74 73 29 7d 29 2c 74 29 7d 74 2e 5f 73 74 61 74 65 3d 31 2c 74 2e 5f 76 61 6c 75 65 3d 65 2c 58 28 74 29 7d 63 61 74 63 68 28 65 29 7b 4a 28 74 2c 65 29 7d 76 61 72 20 6e 2c 72 7d 66 75 6e 63 74 69 6f 6e 20 4a 28 65 2c 74 29 7b 65 2e 5f 73 74 61 74 65 3d 32 2c 65 2e 5f 76 61 6c 75 65 3d 74 2c 58 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 58 28 65 29 7b 32 3d 3d 3d 65 2e 5f 73 74 61 74 65 26 26 30 3d 3d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ceof K)return t._state=3,t._value=e,void X(t);if("function"==typeof o)return void $((n=o,r=e,function(){n.apply(r,arguments)}),t)}t._state=1,t._value=e,X(t)}catch(e){J(t,e)}var n,r}function J(e,t){e._state=2,e._value=t,X(e)}function X(e){2===e._state&&0==
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC1369INData Raw: 65 74 75 72 6e 20 76 6f 69 64 20 6e 2e 63 61 6c 6c 28 65 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 28 6f 2c 65 29 7d 2c 69 29 7d 73 5b 6f 5d 3d 65 2c 30 3d 3d 2d 2d 61 26 26 72 28 73 29 7d 63 61 74 63 68 28 65 29 7b 69 28 65 29 7d 7d 28 65 2c 73 5b 65 5d 29 7d 29 7d 2c 4b 2e 72 65 73 6f 6c 76 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 74 26 26 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 4b 3f 74 3a 6e 65 77 20 4b 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 28 74 29 7d 29 7d 2c 4b 2e 72 65 6a 65 63 74 3d 66 75 6e 63 74 69 6f 6e 28 6f 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 4b 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 74 28 6f 29 7d 29 7d 2c 4b 2e 72 61 63 65 3d 66 75 6e 63
                                                                                                                                                                                                                                                                                                                                  Data Ascii: eturn void n.call(e,function(e){t(o,e)},i)}s[o]=e,0==--a&&r(s)}catch(e){i(e)}}(e,s[e])})},K.resolve=function(t){return t&&"object"==typeof t&&t.constructor===K?t:new K(function(e){e(t)})},K.reject=function(o){return new K(function(e,t){t(o)})},K.race=func
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC1369INData Raw: 65 3a 21 30 2c 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 7d 29 7d 2c 5a 2e 70 72 6f 74 6f 74 79 70 65 2e 69 6e 69 74 45 6e 64 73 57 69 74 68 50 6f 6c 79 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 64 73 57 69 74 68 7c 7c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2c 22 65 6e 64 73 57 69 74 68 22 2c 7b 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 28 76 6f 69 64 20 30 3d 3d 3d 74 7c 7c 74 3e 74 68 69 73 2e 6c 65 6e 67 74 68 29 26 26 28 74 3d 74 68 69 73 2e 6c 65 6e 67 74 68 29 2c 74 68 69 73 2e 73 75 62 73 74 72 69 6e 67 28 74 2d 65 2e 6c 65 6e 67 74 68 2c 74 29 3d 3d 3d 65 7d 2c 77 72 69 74 61 62 6c 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e:!0,configurable:!0})},Z.prototype.initEndsWithPoly=function(){String.prototype.endsWith||Object.defineProperty(String.prototype,"endsWith",{value:function(e,t){return(void 0===t||t>this.length)&&(t=this.length),this.substring(t-e.length,t)===e},writable
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC1369INData Raw: 2e 69 6e 69 74 41 72 72 61 79 46 69 6c 6c 50 6f 6c 79 66 69 6c 6c 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 66 69 6c 6c 7c 7c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2c 22 66 69 6c 6c 22 2c 7b 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 6e 75 6c 6c 3d 3d 74 68 69 73 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 74 68 69 73 20 69 73 20 6e 75 6c 6c 20 6f 72 20 6e 6f 74 20 64 65 66 69 6e 65 64 22 29 3b 66 6f 72 28 76 61 72 20 74 3d 4f 62 6a 65 63 74 28 74 68 69 73 29 2c 6f 3d 74 2e 6c 65 6e 67 74 68 3e 3e 3e 30 2c 6e 3d 61 72 67 75 6d 65 6e 74 73 5b 31 5d 3e 3e 30 2c 72 3d 6e 3c 30 3f 4d 61 74 68 2e 6d 61 78
                                                                                                                                                                                                                                                                                                                                  Data Ascii: .initArrayFillPolyfill=function(){Array.prototype.fill||Object.defineProperty(Array.prototype,"fill",{value:function(e){if(null==this)throw new TypeError("this is null or not defined");for(var t=Object(this),o=t.length>>>0,n=arguments[1]>>0,r=n<0?Math.max
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC1369INData Raw: 67 73 22 2c 65 5b 65 2e 43 6f 6e 74 69 6e 75 65 57 69 74 68 6f 75 74 41 63 63 65 70 74 69 6e 67 42 75 74 74 6f 6e 3d 36 5d 3d 22 43 6f 6e 74 69 6e 75 65 57 69 74 68 6f 75 74 41 63 63 65 70 74 69 6e 67 42 75 74 74 6f 6e 22 2c 28 65 3d 74 65 3d 74 65 7c 7c 7b 7d 29 5b 65 2e 42 61 6e 6e 65 72 3d 31 5d 3d 22 42 61 6e 6e 65 72 22 2c 65 5b 65 2e 50 43 3d 32 5d 3d 22 50 43 22 2c 65 5b 65 2e 41 50 49 3d 33 5d 3d 22 41 50 49 22 2c 28 65 3d 6f 65 3d 6f 65 7c 7c 7b 7d 29 2e 41 63 63 65 70 74 41 6c 6c 3d 22 41 63 63 65 70 74 41 6c 6c 22 2c 65 2e 52 65 6a 65 63 74 41 6c 6c 3d 22 52 65 6a 65 63 74 41 6c 6c 22 2c 65 2e 55 70 64 61 74 65 43 6f 6e 73 65 6e 74 3d 22 55 70 64 61 74 65 43 6f 6e 73 65 6e 74 22 2c 28 65 3d 6e 65 3d 6e 65 7c 7c 7b 7d 29 5b 65 2e 50 75 72 70 6f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: gs",e[e.ContinueWithoutAcceptingButton=6]="ContinueWithoutAcceptingButton",(e=te=te||{})[e.Banner=1]="Banner",e[e.PC=2]="PC",e[e.API=3]="API",(e=oe=oe||{}).AcceptAll="AcceptAll",e.RejectAll="RejectAll",e.UpdateConsent="UpdateConsent",(e=ne=ne||{})[e.Purpo
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC1369INData Raw: 74 20 41 6c 6c 22 5d 3d 35 5d 3d 22 50 72 65 66 65 72 65 6e 63 65 20 43 65 6e 74 65 72 20 2d 20 52 65 6a 65 63 74 20 41 6c 6c 22 2c 65 5b 65 5b 22 50 72 65 66 65 72 65 6e 63 65 20 43 65 6e 74 65 72 20 2d 20 43 6f 6e 66 69 72 6d 22 5d 3d 36 5d 3d 22 50 72 65 66 65 72 65 6e 63 65 20 43 65 6e 74 65 72 20 2d 20 43 6f 6e 66 69 72 6d 22 2c 65 5b 65 5b 22 47 50 43 20 76 61 6c 75 65 20 63 68 61 6e 67 65 64 22 5d 3d 37 5d 3d 22 47 50 43 20 76 61 6c 75 65 20 63 68 61 6e 67 65 64 22 2c 28 65 3d 68 65 3d 68 65 7c 7c 7b 7d 29 2e 41 63 74 69 76 65 3d 22 31 22 2c 65 2e 49 6e 41 63 74 69 76 65 3d 22 30 22 2c 28 65 3d 43 65 3d 43 65 7c 7c 7b 7d 29 2e 48 6f 73 74 3d 22 48 6f 73 74 22 2c 65 2e 47 65 6e 56 65 6e 64 6f 72 3d 22 47 65 6e 56 65 6e 22 2c 28 65 3d 79 65 3d 79 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: t All"]=5]="Preference Center - Reject All",e[e["Preference Center - Confirm"]=6]="Preference Center - Confirm",e[e["GPC value changed"]=7]="GPC value changed",(e=he=he||{}).Active="1",e.InActive="0",(e=Ce=Ce||{}).Host="Host",e.GenVendor="GenVen",(e=ye=ye
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC1369INData Raw: 7b 7d 29 2e 67 72 61 6e 74 65 64 3d 22 67 72 61 6e 74 65 64 22 2c 65 2e 64 65 6e 69 65 64 3d 22 64 65 6e 69 65 64 22 2c 30 2c 28 65 3d 4c 65 3d 4c 65 7c 7c 7b 7d 29 2e 4f 42 4a 45 43 54 5f 54 4f 5f 4c 49 3d 22 4f 62 6a 65 63 74 54 6f 4c 49 22 2c 65 2e 4c 49 5f 41 43 54 49 56 45 5f 49 46 5f 4c 45 47 41 4c 5f 42 41 53 49 53 3d 22 4c 49 41 63 74 69 76 65 49 66 4c 65 67 61 6c 42 61 73 69 73 22 2c 28 65 3d 5f 65 3d 5f 65 7c 7c 7b 7d 29 2e 63 6f 6f 6b 69 65 73 3d 22 63 6f 6f 6b 69 65 73 22 2c 65 2e 76 65 6e 64 6f 72 73 3d 22 76 65 6e 64 6f 72 73 22 2c 28 65 3d 45 65 3d 45 65 7c 7c 7b 7d 29 2e 47 44 50 52 3d 22 47 44 50 52 22 2c 65 2e 43 43 50 41 3d 22 43 43 50 41 22 2c 65 2e 49 41 42 32 3d 22 49 41 42 32 22 2c 65 2e 49 41 42 32 56 32 3d 22 49 41 42 32 56 32 22
                                                                                                                                                                                                                                                                                                                                  Data Ascii: {}).granted="granted",e.denied="denied",0,(e=Le=Le||{}).OBJECT_TO_LI="ObjectToLI",e.LI_ACTIVE_IF_LEGAL_BASIS="LIActiveIfLegalBasis",(e=_e=_e||{}).cookies="cookies",e.vendors="vendors",(e=Ee=Ee||{}).GDPR="GDPR",e.CCPA="CCPA",e.IAB2="IAB2",e.IAB2V2="IAB2V2"


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  27192.168.2.74974550.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC692OUTGET /sfimages/default-source/productsimages/kendo-ui-complete/kendoka_icon.png?sfvrsn=922435fb_2 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC558INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=7776000
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2588
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/png
                                                                                                                                                                                                                                                                                                                                  Expires: Mon, 22 Jul 2024 23:29:38 GMT
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Fri, 03 Sep 2021 08:38:14 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Disposition: inline; filename=kendoka_icon.png
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Mon, 02 Dec 2024 23:56:19 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC2357INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 41 00 00 00 41 08 06 00 00 00 8e f7 c9 45 00 00 00 09 70 48 59 73 00 00 2e 23 00 00 2e 23 01 78 a5 3f 76 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 09 a9 49 44 41 54 78 da e5 9c 0b 94 55 63 14 c7 a7 c9 ab 64 35 a2 24 c4 10 12 b1 28 a2 c8 63 5a de 16 2a cf 22 89 56 79 2c 0b 95 b2 f2 58 88 3c 32 94 47 13 95 32 91 47 ad 68 2a 46 2a 66 a8 bc 52 11 11 c6 90 92 68 cc d0 4c d3 cc 5c fb b3 7e 5f f6 3d 9d 73 ee 39 f7 31 37 6b 5a eb bf ee dc 73 bf e7 fe f6 b7 f7 7f ef ef 3b 65 64 a4 f8 df 98 31 63 9a 08 7a 08 86 09 26 0a 8a 04 25 82 32 41 8d 20 c2 67 19 cf 8b 28 37 94 7a 4d 32 fe 8f ff 64 e0 fb 31 e9 45 82 2a 26 1a 2f aa 68 c7 b4 d7 66
                                                                                                                                                                                                                                                                                                                                  Data Ascii: PNGIHDRAAEpHYs.#.#x?vtEXtSoftwareAdobe ImageReadyqe<IDATxUcd5$(cZ*"Vy,X<2G2Gh*F*fRhL\~_=s917kZs;ed1cz&%2A g(7zM2d1E*&/hf
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:38 UTC231INData Raw: 5c 70 8b e0 2b 25 fc 8b 7c b6 6d 7c f7 18 55 23 9e 37 5a c9 22 2f 24 7c b6 58 8d e4 0d e7 7f 93 5c c1 12 56 78 12 2f 77 75 f2 e9 af 2d 99 e9 5a 2c f9 5d d8 a8 83 48 b1 4f 70 39 83 fc ca a3 ad c4 6f b4 ba c4 15 71 5d ed 8d b3 cf 0e 68 90 93 21 56 70 46 f1 0c a7 55 43 dd 98 66 52 ef 36 ab 46 03 dd 72 4f 51 04 da 03 46 9a 13 eb f5 c0 94 dd 72 f7 d0 88 c2 fa ba e9 1a 62 7c a9 7d df c1 61 23 3c df 7c 49 a3 00 ea e7 cd 17 87 d7 68 b8 ef 40 39 78 44 5e 83 7d 1b ce 85 62 3b df 8b 1c d5 20 de 8b 74 b1 c8 0d f7 0d 59 97 7c 44 cf 00 ef 4a f7 8e f1 ae 74 6f f5 ae 74 e9 ff e2 5d 69 0f 81 b4 69 90 6f cd c7 48 bc f6 80 dd ed 90 ff 7f c2 3f b6 1f ec 9e dd 07 b4 b8 00 00 00 00 49 45 4e 44 ae 42 60 82
                                                                                                                                                                                                                                                                                                                                  Data Ascii: \p+%|m|U#7Z"/$|X\Vx/wu-Z,]HOp9oq]h!VpFUCfR6FrOQFrb|}a#<|Ih@9xD^}b; tY|DJtot]iioH?IENDB`


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  28192.168.2.74974818.65.25.574437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:39 UTC538OUTGET /c/hotjar-66905.js?sv=7 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: static.hotjar.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:40 UTC633INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:40 GMT
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=60
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  ETag: W/57abe4ff677beb026c5d7ba7162cb1e8
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=2592000; includeSubDomains
                                                                                                                                                                                                                                                                                                                                  X-Cache-Hit: 1
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  X-Cache: Miss from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 9e9fde687cd38d3d64c729260b6189f6.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX53-P1
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: 0cSeckPCmQuQ0zgZNrjhDwIbR93kiQr-muJJ0WHANSbX3oRe8_oRIQ==
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:40 UTC8992INData Raw: 32 33 31 38 0d 0a 77 69 6e 64 6f 77 2e 68 6a 53 69 74 65 53 65 74 74 69 6e 67 73 20 3d 20 77 69 6e 64 6f 77 2e 68 6a 53 69 74 65 53 65 74 74 69 6e 67 73 20 7c 7c 20 7b 22 73 69 74 65 5f 69 64 22 3a 36 36 39 30 35 2c 22 72 22 3a 30 2e 34 38 38 34 30 37 38 35 35 30 39 35 36 34 37 36 2c 22 72 65 63 5f 76 61 6c 75 65 22 3a 38 2e 31 39 31 39 39 39 39 39 35 36 38 38 30 39 33 65 2d 36 2c 22 73 74 61 74 65 5f 63 68 61 6e 67 65 5f 6c 69 73 74 65 6e 5f 6d 6f 64 65 22 3a 22 6d 61 6e 75 61 6c 22 2c 22 72 65 63 6f 72 64 22 3a 74 72 75 65 2c 22 63 6f 6e 74 69 6e 75 6f 75 73 5f 63 61 70 74 75 72 65 5f 65 6e 61 62 6c 65 64 22 3a 74 72 75 65 2c 22 72 65 63 6f 72 64 69 6e 67 5f 63 61 70 74 75 72 65 5f 6b 65 79 73 74 72 6f 6b 65 73 22 3a 66 61 6c 73 65 2c 22 73 65 73 73 69
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 2318window.hjSiteSettings = window.hjSiteSettings || {"site_id":66905,"r":0.4884078550956476,"rec_value":8.191999995688093e-6,"state_change_listen_mode":"manual","record":true,"continuous_capture_enabled":true,"recording_capture_keystrokes":false,"sessi
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:40 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  29192.168.2.74974918.154.206.134437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:39 UTC617OUTGET /sxp/i/940047942047f9f048d2c1e1f6b78492.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: euob.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:40 UTC504INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Content-Length: 104424
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  ETag: "197e8-b9R9rt9JlRUaoLsUor88VynHZaA"
                                                                                                                                                                                                                                                                                                                                  Server: Caddy
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=43200
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 14:29:04 GMT
                                                                                                                                                                                                                                                                                                                                  Expires: Wed, 24 Apr 2024 02:29:04 GMT
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 e18d3804375a86d48383ad266efc5b0a.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX50-P5
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: uH1TPVEYX63K0d3-ljKQNFXrYzb657Y3ESblSUUMgzRxbU-TnQntbg==
                                                                                                                                                                                                                                                                                                                                  Age: 32436
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:40 UTC16384INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 72 28 65 29 7b 69 66 28 6e 5b 65 5d 29 72 65 74 75 72 6e 20 6e 5b 65 5d 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 69 3d 6e 5b 65 5d 3d 7b 69 3a 65 2c 6c 3a 21 31 2c 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 74 5b 65 5d 2e 63 61 6c 6c 28 69 2e 65 78 70 6f 72 74 73 2c 69 2c 69 2e 65 78 70 6f 72 74 73 2c 72 29 2c 69 2e 6c 3d 21 30 2c 69 2e 65 78 70 6f 72 74 73 7d 72 2e 6d 3d 74 2c 72 2e 63 3d 6e 2c 72 2e 64 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 65 29 7b 72 2e 6f 28 74 2c 6e 29 7c 7c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 74 2c 6e 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 65 7d 29 7d 2c 72 2e 72 3d 66 75 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: !function(t){var n={};function r(e){if(n[e])return n[e].exports;var i=n[e]={i:e,l:!1,exports:{}};return t[e].call(i.exports,i,i.exports,r),i.l=!0,i.exports}r.m=t,r.c=n,r.d=function(t,n,e){r.o(t,n)||Object.defineProperty(t,n,{enumerable:!0,get:e})},r.r=fun
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:40 UTC16384INData Raw: 7d 76 61 72 20 72 3d 78 2e 57 74 28 22 5f 67 61 22 29 3b 69 66 28 72 29 7b 76 61 72 20 65 3d 72 2e 73 70 6c 69 74 28 22 2e 22 29 3b 69 66 28 65 2e 6c 65 6e 67 74 68 3e 3d 32 29 72 65 74 75 72 6e 20 65 5b 65 2e 6c 65 6e 67 74 68 2d 32 5d 2b 22 2e 22 2b 65 5b 65 2e 6c 65 6e 67 74 68 2d 31 5d 7d 7d 63 61 74 63 68 28 74 29 7b 7d 72 65 74 75 72 6e 22 2d 22 7d 2c 48 6e 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 72 29 7b 76 61 72 20 65 3d 76 2b 74 2c 61 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 78 2d 77 77 77 2d 66 6f 72 6d 2d 75 72 6c 65 6e 63 6f 64 65 64 22 2c 63 3d 22 22 3b 69 66 28 70 2e 4a 28 6e 29 29 63 3d 6e 3b 65 6c 73 65 7b 66 6f 72 28 76 61 72 20 75 20 69 6e 20 6e 29 7b 63 2b 3d 75 2b 22 3d 22 2b 28 70 2e 6e 74 28 75 2c 22 65 5f 22 29 3f 6f 28 70 2e 59
                                                                                                                                                                                                                                                                                                                                  Data Ascii: }var r=x.Wt("_ga");if(r){var e=r.split(".");if(e.length>=2)return e[e.length-2]+"."+e[e.length-1]}}catch(t){}return"-"},Hn:function(t,n,r){var e=v+t,a="application/x-www-form-urlencoded",c="";if(p.J(n))c=n;else{for(var u in n){c+=u+"="+(p.nt(u,"e_")?o(p.Y
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:40 UTC15202INData Raw: 65 6e 74 45 6c 65 6d 65 6e 74 2c 73 3d 75 2e 73 63 72 65 65 6e 2c 6c 3d 75 2e 6e 61 76 69 67 61 74 6f 72 3b 66 75 6e 63 74 69 6f 6e 20 64 28 29 7b 72 65 74 75 72 6e 20 4d 61 74 68 2e 66 6c 6f 6f 72 28 35 30 2a 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 29 2b 31 7d 76 61 72 20 68 3d 7b 7d 3b 74 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 72 2c 65 29 7b 76 61 72 20 5f 3d 5b 5d 2c 6d 3d 30 2c 70 3d 30 2c 79 3d 21 31 2c 67 3d 21 31 2c 62 3d 21 31 2c 77 3d 6e 2e 64 65 74 65 63 74 6f 72 54 69 6d 65 6f 75 74 7c 7c 30 2c 53 3d 5b 5d 2c 43 3d 5b 5d 2c 49 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 29 7b 22 6a 73 22 3d 3d 74 3f 2b 2b 6d 3d 3d 6e 26 26 28 67 3d 21 30 29 3a 22 64 61 74 61 22 3d 3d 74 3f 2b 2b 70 3d 3d 6e 26 26 28 62 3d 21 30 29 3a 22 61
                                                                                                                                                                                                                                                                                                                                  Data Ascii: entElement,s=u.screen,l=u.navigator;function d(){return Math.floor(50*Math.random())+1}var h={};t.exports=function(t,n,r,e){var _=[],m=0,p=0,y=!1,g=!1,b=!1,w=n.detectorTimeout||0,S=[],C=[],I=function(t,n){"js"==t?++m==n&&(g=!0):"data"==t?++p==n&&(b=!0):"a
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:40 UTC1182INData Raw: 74 69 6f 6e 28 29 7b 69 66 28 75 2e 6d 61 74 63 68 4d 65 64 69 61 29 72 65 74 75 72 6e 20 75 2e 6d 61 74 63 68 4d 65 64 69 61 28 22 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 22 29 2e 6d 61 74 63 68 65 73 7d 2c 72 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 4e 61 6d 65 73 28 75 29 2e 73 6c 69 63 65 28 2d 33 30 30 29 3b 66 75 6e 63 74 69 6f 6e 20 6e 28 6e 29 7b 72 65 74 75 72 6e 20 63 2e 45 74 28 74 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 21 3d 3d 6e 26 26 75 5b 74 5d 3d 3d 3d 75 5b 6e 5d 7d 29 7d 76 61 72 20 72 3d 6e 28 22 41 72 72 61 79 22 29 3b 69 66 28 2d 31 21 3d 3d 72 29 7b 76 61 72 20 65 3d 5b 72 2c 6e 28 22 53
                                                                                                                                                                                                                                                                                                                                  Data Ascii: tion(){if(u.matchMedia)return u.matchMedia("(prefers-color-scheme: dark)").matches},rr=function(){var t=Object.getOwnPropertyNames(u).slice(-300);function n(n){return c.Et(t,function(t){return t!==n&&u[t]===u[n]})}var r=n("Array");if(-1!==r){var e=[r,n("S
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:40 UTC16384INData Raw: 2e 70 72 6f 74 6f 74 79 70 65 5b 74 5d 2c 21 30 29 7d 63 61 74 63 68 28 74 29 7b 7d 74 72 79 7b 61 3d 79 74 28 6e 2e 74 6f 53 74 72 69 6e 67 2c 21 30 29 7d 63 61 74 63 68 28 74 29 7b 7d 72 65 74 75 72 6e 20 72 2e 70 75 73 68 28 65 29 2c 72 2e 70 75 73 68 28 69 29 2c 72 2e 70 75 73 68 28 61 29 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 72 29 7d 7d 3b 69 66 28 74 29 7b 76 61 72 20 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6c 2e 6f 73 63 70 75 7d 2c 75 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 76 61 72 20 74 3d 48 54 4d 4c 43 61 6e 76 61 73 45 6c 65 6d 65 6e 74 3b 69 66 28 74 26 26 74 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 44 61 74 61 55 52 4c 26 26 70 74 28 74 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 44 61 74 61 55 52 4c 29
                                                                                                                                                                                                                                                                                                                                  Data Ascii: .prototype[t],!0)}catch(t){}try{a=yt(n.toString,!0)}catch(t){}return r.push(e),r.push(i),r.push(a),JSON.stringify(r)}};if(t){var or=function(){return l.oscpu},ur=function(){try{var t=HTMLCanvasElement;if(t&&t.prototype.toDataURL&&pt(t.prototype.toDataURL)
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:40 UTC16384INData Raw: 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2e 67 65 74 45 6e 74 72 69 65 73 42 79 54 79 70 65 28 22 72 65 73 6f 75 72 63 65 22 29 2c 6e 3d 75 2e 74 6f 70 2e 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 3b 72 65 74 75 72 6e 20 63 2e 77 74 28 63 2e 67 74 28 74 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 72 3d 74 2e 69 6e 69 74 69 61 74 6f 72 54 79 70 65 5b 30 5d 2c 65 3d 6e 65 77 20 55 52 4c 28 74 2e 6e 61 6d 65 29 2c 69 3d 65 2e 70 72 6f 74 6f 63 6f 6c 2b 22 2f 2f 22 2b 65 2e 68 6f 73 74 2b 65 2e 70 61 74 68 6e 61 6d 65 2c 61 3d 63 2e 6e 74 28 69 2c 22 68 74 74 70 73 3a 2f 2f 22 29 3f 22 31 22 3a 63 2e 6e 74 28 69 2c 22 68 74 74 70 3a 2f 2f 22 29 3f 22 30 22 3a 22 22 3b 69 66 28 69 3d 69 2e 72 65 70 6c 61 63 65 28 2f 68 74 74 70 73 3f 5c 3a 5c 2f 5c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: .performance.getEntriesByType("resource"),n=u.top.location.hostname;return c.wt(c.gt(t,function(t){var r=t.initiatorType[0],e=new URL(t.name),i=e.protocol+"//"+e.host+e.pathname,a=c.nt(i,"https://")?"1":c.nt(i,"http://")?"0":"";if(i=i.replace(/https?\:\/\
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:40 UTC15850INData Raw: 61 67 65 58 29 3a 74 2e 70 61 67 65 58 2c 4c 65 3a 74 2e 70 61 67 65 59 3f 70 61 72 73 65 49 6e 74 28 74 2e 70 61 67 65 59 29 3a 74 2e 70 61 67 65 59 2c 54 65 3a 6e 2c 4a 65 3a 6f 2e 42 74 28 74 29 2c 57 65 3a 69 2c 56 65 3a 75 2e 59 28 64 29 7d 7d 2c 65 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 65 29 7b 6e 2e 45 65 2b 2b 2c 6e 2e 41 65 7c 7c 28 6e 2e 41 65 3d 72 28 74 2c 65 29 29 2c 6e 2e 6b 74 3d 72 28 74 2c 65 29 2c 67 28 65 29 7d 3b 6f 2e 68 6e 28 73 2e 62 6f 64 79 2c 22 6d 6f 75 73 65 64 6f 77 6e 22 2c 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 76 61 72 20 72 3d 6f 2e 6c 6e 28 74 29 3b 65 28 6e 2c 79 2e 46 65 2c 72 29 2c 62 28 6e 2c 72 29 7d 29 2c 6f 2e 68 6e 28 73 2e 62 6f 64 79 2c 22 6d 6f 75 73 65 75 70 22 2c 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 76 61 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ageX):t.pageX,Le:t.pageY?parseInt(t.pageY):t.pageY,Te:n,Je:o.Bt(t),We:i,Ve:u.Y(d)}},e=function(t,n,e){n.Ee++,n.Ae||(n.Ae=r(t,e)),n.kt=r(t,e),g(e)};o.hn(s.body,"mousedown",function(n){var r=o.ln(t);e(n,y.Fe,r),b(n,r)}),o.hn(s.body,"mouseup",function(n){var
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:40 UTC6654INData Raw: 70 73 3a 2f 2f 73 2e 79 69 6d 67 2e 63 6f 6d 2f 77 69 2f 79 74 63 2e 6a 73 22 2c 75 2e 61 73 79 6e 63 3d 21 30 2c 75 2e 6f 6e 6c 6f 61 64 3d 75 2e 6f 6e 72 65 61 64 79 73 74 61 74 65 63 68 61 6e 67 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 2c 6e 3d 74 68 69 73 2e 72 65 61 64 79 53 74 61 74 65 2c 69 3d 72 5b 6f 5d 3b 69 66 28 21 6e 7c 7c 22 63 6f 6d 70 6c 65 74 65 22 3d 3d 6e 7c 7c 22 6c 6f 61 64 65 64 22 3d 3d 6e 29 74 72 79 7b 74 3d 65 2e 59 41 48 4f 4f 2e 79 77 61 2e 49 31 33 4e 2e 66 69 72 65 42 65 61 63 6f 6e 2c 72 5b 6f 5d 3d 5b 5d 2c 72 5b 6f 5d 2e 70 75 73 68 3d 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 74 28 5b 6e 5d 29 7d 2c 74 28 69 29 7d 63 61 74 63 68 28 74 29 7b 7d 7d 3b 76 61 72 20 66 3d 69 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ps://s.yimg.com/wi/ytc.js",u.async=!0,u.onload=u.onreadystatechange=function(){var t,n=this.readyState,i=r[o];if(!n||"complete"==n||"loaded"==n)try{t=e.YAHOO.ywa.I13N.fireBeacon,r[o]=[],r[o].push=function(n){t([n])},t(i)}catch(t){}};var f=i.getElementsByT


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  30192.168.2.749750104.19.178.524437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:45 UTC634OUTGET /consent/3dfce4f2-dab6-4128-9f33-df7e0597da82/8b69118b-3606-49f3-8c41-2718141b484d/en.json HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:45 UTC902INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:45 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-javascript
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  CF-Ray: 8791a333ccff09ff-LAS
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Age: 75620
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=86400
                                                                                                                                                                                                                                                                                                                                  Expires: Wed, 24 Apr 2024 23:29:45 GMT
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Thu, 11 Apr 2024 13:50:54 GMT
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                  Content-MD5: HGPA6AyDGbQM8tIA/CTFKw==
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                  x-ms-request-id: 72774a77-e01e-0027-2d17-8c2e47000000
                                                                                                                                                                                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:45 UTC467INData Raw: 37 63 31 62 0d 0a 7b 22 44 6f 6d 61 69 6e 44 61 74 61 22 3a 7b 22 70 63 63 6c 6f 73 65 42 75 74 74 6f 6e 54 79 70 65 22 3a 22 49 63 6f 6e 22 2c 22 70 63 6c 69 66 65 53 70 61 6e 59 72 22 3a 22 59 65 61 72 22 2c 22 70 63 6c 69 66 65 53 70 61 6e 59 72 73 22 3a 22 59 65 61 72 73 22 2c 22 70 63 6c 69 66 65 53 70 61 6e 53 65 63 73 22 3a 22 41 20 66 65 77 20 73 65 63 6f 6e 64 73 22 2c 22 70 63 6c 69 66 65 53 70 61 6e 57 6b 22 3a 22 57 65 65 6b 22 2c 22 70 63 6c 69 66 65 53 70 61 6e 57 6b 73 22 3a 22 57 65 65 6b 73 22 2c 22 70 63 63 6f 6e 74 69 6e 75 65 57 69 74 68 6f 75 74 41 63 63 65 70 74 54 65 78 74 22 3a 22 43 6f 6e 74 69 6e 75 65 20 77 69 74 68 6f 75 74 20 41 63 63 65 70 74 69 6e 67 22 2c 22 4d 61 69 6e 54 65 78 74 22 3a 22 50 72 69 76 61 63 79 20 50 72 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 7c1b{"DomainData":{"pccloseButtonType":"Icon","pclifeSpanYr":"Year","pclifeSpanYrs":"Years","pclifeSpanSecs":"A few seconds","pclifeSpanWk":"Week","pclifeSpanWks":"Weeks","pccontinueWithoutAcceptText":"Continue without Accepting","MainText":"Privacy Pre
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:45 UTC1369INData Raw: 63 65 20 61 6e 64 20 69 73 20 6d 6f 73 74 6c 79 20 75 73 65 64 20 74 6f 20 6d 61 6b 65 20 74 68 65 20 73 69 74 65 20 77 6f 72 6b 20 61 73 20 79 6f 75 20 65 78 70 65 63 74 20 69 74 20 74 6f 2e 20 54 68 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 64 6f 65 73 20 6e 6f 74 20 75 73 75 61 6c 6c 79 20 64 69 72 65 63 74 6c 79 20 69 64 65 6e 74 69 66 79 20 79 6f 75 2c 20 62 75 74 20 69 74 20 63 61 6e 20 67 69 76 65 20 79 6f 75 20 61 20 6d 6f 72 65 20 70 65 72 73 6f 6e 61 6c 69 73 65 64 20 77 65 62 20 65 78 70 65 72 69 65 6e 63 65 2e 5c 6e 5c 6e 42 65 63 61 75 73 65 20 77 65 20 72 65 73 70 65 63 74 20 79 6f 75 72 20 72 69 67 68 74 20 74 6f 20 70 72 69 76 61 63 79 2c 20 79 6f 75 20 63 61 6e 20 63 68 6f 6f 73 65 20 6e 6f 74 20 74 6f 20 61 6c 6c 6f 77 20 73 6f 6d 65 20
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ce and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalised web experience.\n\nBecause we respect your right to privacy, you can choose not to allow some
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:45 UTC1369INData Raw: 69 6e 67 73 20 62 75 74 74 6f 6e 20 74 6f 20 63 75 73 74 6f 6d 69 7a 65 20 68 6f 77 20 74 68 65 20 73 69 74 65 20 75 73 65 73 20 63 6f 6f 6b 69 65 73 20 66 6f 72 20 79 6f 75 2e 22 2c 22 41 6c 65 72 74 43 6c 6f 73 65 54 65 78 74 22 3a 22 43 6c 6f 73 65 22 2c 22 41 6c 65 72 74 4d 6f 72 65 49 6e 66 6f 54 65 78 74 22 3a 22 43 6f 6f 6b 69 65 73 20 53 65 74 74 69 6e 67 73 22 2c 22 43 6f 6f 6b 69 65 53 65 74 74 69 6e 67 42 75 74 74 6f 6e 54 65 78 74 22 3a 22 43 6f 6f 6b 69 65 73 20 53 65 74 74 69 6e 67 73 22 2c 22 41 6c 65 72 74 41 6c 6c 6f 77 43 6f 6f 6b 69 65 73 54 65 78 74 22 3a 22 41 63 63 65 70 74 20 43 6f 6f 6b 69 65 73 22 2c 22 43 6c 6f 73 65 53 68 6f 75 6c 64 41 63 63 65 70 74 41 6c 6c 43 6f 6f 6b 69 65 73 22 3a 66 61 6c 73 65 2c 22 4c 61 73 74 52 65 63
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ings button to customize how the site uses cookies for you.","AlertCloseText":"Close","AlertMoreInfoText":"Cookies Settings","CookieSettingButtonText":"Cookies Settings","AlertAllowCookiesText":"Accept Cookies","CloseShouldAcceptAllCookies":false,"LastRec
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:45 UTC1369INData Raw: 74 73 2e 20 4d 6f 72 65 20 73 70 65 63 69 66 69 63 61 6c 6c 79 2c 20 77 65 20 75 73 65 20 63 6f 6f 6b 69 65 73 20 61 6e 64 20 6f 74 68 65 72 20 74 72 61 63 6b 69 6e 67 20 74 65 63 68 6e 6f 6c 6f 67 69 65 73 20 66 6f 72 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 20 70 75 72 70 6f 73 65 73 3a 22 2c 22 47 72 6f 75 70 73 22 3a 5b 7b 22 53 68 6f 77 49 6e 50 6f 70 75 70 22 3a 74 72 75 65 2c 22 53 68 6f 77 49 6e 50 6f 70 75 70 4e 6f 6e 49 41 42 22 3a 74 72 75 65 2c 22 53 68 6f 77 53 44 4b 4c 69 73 74 4c 69 6e 6b 22 3a 74 72 75 65 2c 22 4f 72 64 65 72 22 3a 22 31 22 2c 22 4f 70 74 61 6e 6f 6e 47 72 6f 75 70 49 64 22 3a 22 31 22 2c 22 50 61 72 65 6e 74 22 3a 22 22 2c 22 53 68 6f 77 53 75 62 67 72 6f 75 70 22 3a 74 72 75 65 2c 22 53 68 6f 77 53 75 62 47 72 6f 75 70
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ts. More specifically, we use cookies and other tracking technologies for the following purposes:","Groups":[{"ShowInPopup":true,"ShowInPopupNonIAB":true,"ShowSDKListLink":true,"Order":"1","OptanonGroupId":"1","Parent":"","ShowSubgroup":true,"ShowSubGroup
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:45 UTC1369INData Raw: 65 22 3a 22 53 74 72 69 63 74 6c 79 20 4e 65 63 65 73 73 61 72 79 20 43 6f 6f 6b 69 65 73 22 2c 22 49 73 49 61 62 50 75 72 70 6f 73 65 22 3a 66 61 6c 73 65 2c 22 47 65 6e 65 72 61 6c 56 65 6e 64 6f 72 73 49 64 73 22 3a 5b 5d 2c 22 46 69 72 73 74 50 61 72 74 79 43 6f 6f 6b 69 65 73 22 3a 5b 7b 22 69 64 22 3a 22 37 62 36 34 64 36 32 32 2d 64 65 31 34 2d 34 30 33 36 2d 38 64 35 36 2d 39 37 65 34 34 66 62 33 36 65 37 39 22 2c 22 4e 61 6d 65 22 3a 22 2e 41 73 70 4e 65 74 43 6f 72 65 2e 22 2c 22 48 6f 73 74 22 3a 22 64 65 6d 6f 73 2e 74 65 6c 65 72 69 6b 2e 63 6f 6d 22 2c 22 49 73 53 65 73 73 69 6f 6e 22 3a 74 72 75 65 2c 22 4c 65 6e 67 74 68 22 3a 22 30 22 2c 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 22 2e 41 73 70 4e 65 74 43 6f 72 65 2e 22 2c 22 44 75 72 61
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e":"Strictly Necessary Cookies","IsIabPurpose":false,"GeneralVendorsIds":[],"FirstPartyCookies":[{"id":"7b64d622-de14-4036-8d56-97e44fb36e79","Name":".AspNetCore.","Host":"demos.telerik.com","IsSession":true,"Length":"0","description":".AspNetCore.","Dura
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:45 UTC1369INData Raw: 73 20 64 65 73 74 72 6f 79 65 64 20 6f 6e 20 63 6c 6f 73 69 6e 67 20 74 68 65 20 62 72 6f 77 73 65 72 2e 22 2c 22 44 75 72 61 74 69 6f 6e 54 79 70 65 22 3a 31 2c 22 63 61 74 65 67 6f 72 79 22 3a 6e 75 6c 6c 2c 22 69 73 54 68 69 72 64 50 61 72 74 79 22 3a 66 61 6c 73 65 7d 2c 7b 22 69 64 22 3a 22 36 38 31 35 32 33 34 61 2d 33 64 38 34 2d 34 32 62 34 2d 61 31 38 62 2d 61 63 65 30 64 34 36 32 63 32 62 37 22 2c 22 4e 61 6d 65 22 3a 22 5f 5f 52 65 71 75 65 73 74 56 65 72 69 66 69 63 61 74 69 6f 6e 54 6f 6b 65 6e 5f 22 2c 22 48 6f 73 74 22 3a 22 64 65 6d 6f 73 2e 74 65 6c 65 72 69 6b 2e 63 6f 6d 22 2c 22 49 73 53 65 73 73 69 6f 6e 22 3a 74 72 75 65 2c 22 4c 65 6e 67 74 68 22 3a 22 30 22 2c 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 22 54 68 69 73 20 69 73 20 61
                                                                                                                                                                                                                                                                                                                                  Data Ascii: s destroyed on closing the browser.","DurationType":1,"category":null,"isThirdParty":false},{"id":"6815234a-3d84-42b4-a18b-ace0d462c2b7","Name":"__RequestVerificationToken_","Host":"demos.telerik.com","IsSession":true,"Length":"0","description":"This is a
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:45 UTC1369INData Raw: 64 66 65 2d 38 64 36 32 2d 62 65 30 33 65 66 62 65 35 62 63 39 22 2c 22 4e 61 6d 65 22 3a 22 5f 63 71 5f 64 75 69 64 22 2c 22 48 6f 73 74 22 3a 22 74 65 6c 65 72 69 6b 2e 63 6f 6d 22 2c 22 49 73 53 65 73 73 69 6f 6e 22 3a 66 61 6c 73 65 2c 22 4c 65 6e 67 74 68 22 3a 22 39 31 22 2c 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 22 22 2c 22 44 75 72 61 74 69 6f 6e 54 79 70 65 22 3a 31 2c 22 63 61 74 65 67 6f 72 79 22 3a 6e 75 6c 6c 2c 22 69 73 54 68 69 72 64 50 61 72 74 79 22 3a 66 61 6c 73 65 7d 2c 7b 22 69 64 22 3a 22 39 39 64 63 66 66 38 62 2d 39 38 33 32 2d 34 35 32 62 2d 62 36 62 34 2d 37 35 61 64 34 35 34 37 39 34 64 30 22 2c 22 4e 61 6d 65 22 3a 22 5f 63 71 5f 70 78 67 22 2c 22 48 6f 73 74 22 3a 22 74 65 6c 65 72 69 6b 2e 63 6f 6d 22 2c 22 49 73 53 65 73
                                                                                                                                                                                                                                                                                                                                  Data Ascii: dfe-8d62-be03efbe5bc9","Name":"_cq_duid","Host":"telerik.com","IsSession":false,"Length":"91","description":"","DurationType":1,"category":null,"isThirdParty":false},{"id":"99dcff8b-9832-452b-b6b4-75ad454794d0","Name":"_cq_pxg","Host":"telerik.com","IsSes
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:45 UTC1369INData Raw: 74 20 6f 6e 20 74 68 65 20 41 7a 75 72 65 20 63 6c 6f 75 64 20 70 6c 61 74 66 6f 72 6d 2e 20 54 68 69 73 20 69 73 20 61 20 75 6e 69 71 75 65 20 75 73 65 72 20 69 64 65 6e 74 69 66 69 65 72 20 63 6f 6f 6b 69 65 20 65 6e 61 62 6c 69 6e 67 20 63 6f 75 6e 74 69 6e 67 20 6f 66 20 74 68 65 20 6e 75 6d 62 65 72 20 6f 66 20 75 73 65 72 73 20 61 63 63 65 73 73 69 6e 67 20 74 68 65 20 61 70 70 6c 69 63 61 74 69 6f 6e 20 6f 76 65 72 20 74 69 6d 65 2e 75 73 65 72 22 2c 22 44 75 72 61 74 69 6f 6e 54 79 70 65 22 3a 31 2c 22 63 61 74 65 67 6f 72 79 22 3a 6e 75 6c 6c 2c 22 69 73 54 68 69 72 64 50 61 72 74 79 22 3a 66 61 6c 73 65 7d 2c 7b 22 69 64 22 3a 22 33 38 33 31 35 33 34 35 2d 35 38 37 61 2d 34 32 32 34 2d 39 33 30 62 2d 30 35 66 32 31 35 61 39 35 35 35 31 22 2c 22
                                                                                                                                                                                                                                                                                                                                  Data Ascii: t on the Azure cloud platform. This is a unique user identifier cookie enabling counting of the number of users accessing the application over time.user","DurationType":1,"category":null,"isThirdParty":false},{"id":"38315345-587a-4224-930b-05f215a95551","
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:45 UTC1369INData Raw: 39 65 39 64 2d 37 39 33 30 31 66 34 33 30 35 33 38 22 2c 22 4e 61 6d 65 22 3a 22 41 57 53 41 4c 42 43 4f 52 53 22 2c 22 48 6f 73 74 22 3a 22 6c 65 61 72 6e 2e 74 65 6c 65 72 69 6b 2e 63 6f 6d 22 2c 22 49 73 53 65 73 73 69 6f 6e 22 3a 66 61 6c 73 65 2c 22 4c 65 6e 67 74 68 22 3a 22 37 22 2c 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 22 54 68 69 73 20 63 6f 6f 6b 69 65 20 69 73 20 6d 61 6e 61 67 65 64 20 62 79 20 41 57 53 20 61 6e 64 20 69 73 20 75 73 65 64 20 66 6f 72 20 6c 6f 61 64 20 62 61 6c 61 6e 63 69 6e 67 2e 22 2c 22 44 75 72 61 74 69 6f 6e 54 79 70 65 22 3a 31 2c 22 63 61 74 65 67 6f 72 79 22 3a 6e 75 6c 6c 2c 22 69 73 54 68 69 72 64 50 61 72 74 79 22 3a 66 61 6c 73 65 7d 2c 7b 22 69 64 22 3a 22 34 30 36 64 34 61 63 36 2d 63 39 39 65 2d 34 63 33 31
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 9e9d-79301f430538","Name":"AWSALBCORS","Host":"learn.telerik.com","IsSession":false,"Length":"7","description":"This cookie is managed by AWS and is used for load balancing.","DurationType":1,"category":null,"isThirdParty":false},{"id":"406d4ac6-c99e-4c31
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:45 UTC1369INData Raw: 65 22 3a 31 2c 22 63 61 74 65 67 6f 72 79 22 3a 6e 75 6c 6c 2c 22 69 73 54 68 69 72 64 50 61 72 74 79 22 3a 66 61 6c 73 65 7d 2c 7b 22 69 64 22 3a 22 30 33 64 39 39 35 37 30 2d 62 32 62 64 2d 34 66 32 37 2d 61 34 62 61 2d 64 31 65 35 31 30 31 64 65 61 61 34 22 2c 22 4e 61 6d 65 22 3a 22 65 75 70 75 62 63 6f 6e 73 65 6e 74 22 2c 22 48 6f 73 74 22 3a 22 74 65 6c 65 72 69 6b 2e 63 6f 6d 22 2c 22 49 73 53 65 73 73 69 6f 6e 22 3a 66 61 6c 73 65 2c 22 4c 65 6e 67 74 68 22 3a 22 33 36 35 22 2c 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 22 54 68 69 73 20 63 6f 6f 6b 69 65 20 69 73 20 75 73 65 64 20 62 79 20 74 68 65 20 49 41 42 20 45 75 72 6f 70 65 20 54 72 61 6e 73 70 61 72 65 6e 63 79 20 26 20 43 6f 6e 73 65 6e 74 20 46 72 61 6d 65 77 6f 72 6b 20 74 6f 20 73 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e":1,"category":null,"isThirdParty":false},{"id":"03d99570-b2bd-4f27-a4ba-d1e5101deaa4","Name":"eupubconsent","Host":"telerik.com","IsSession":false,"Length":"365","description":"This cookie is used by the IAB Europe Transparency & Consent Framework to st


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  31192.168.2.749751104.17.246.2034437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:47 UTC542OUTGET /web-vitals/dist/web-vitals.iife.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: unpkg.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:47 UTC548INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:47 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  access-control-allow-origin: *
                                                                                                                                                                                                                                                                                                                                  cache-control: public, s-maxage=600, max-age=60
                                                                                                                                                                                                                                                                                                                                  location: /web-vitals@3.5.2/dist/web-vitals.iife.js
                                                                                                                                                                                                                                                                                                                                  vary: Accept
                                                                                                                                                                                                                                                                                                                                  via: 1.1 fly.io
                                                                                                                                                                                                                                                                                                                                  fly-request-id: 01HW6M53VK5S24BKQXEM01HZ69-lax
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                  Age: 570
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  CF-RAY: 8791a33f9dde09f7-LAS
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:47 UTC69INData Raw: 33 66 0d 0a 46 6f 75 6e 64 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 2f 77 65 62 2d 76 69 74 61 6c 73 40 33 2e 35 2e 32 2f 64 69 73 74 2f 77 65 62 2d 76 69 74 61 6c 73 2e 69 69 66 65 2e 6a 73 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 3fFound. Redirecting to /web-vitals@3.5.2/dist/web-vitals.iife.js
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:47 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  32192.168.2.749753104.17.246.2034437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:48 UTC548OUTGET /web-vitals@3.5.2/dist/web-vitals.iife.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: unpkg.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:48 UTC576INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:48 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  access-control-allow-origin: *
                                                                                                                                                                                                                                                                                                                                  cache-control: public, max-age=31536000
                                                                                                                                                                                                                                                                                                                                  last-modified: Sat, 26 Oct 1985 08:15:00 GMT
                                                                                                                                                                                                                                                                                                                                  etag: W/"1bff-XBuNuslfZI/SL2xuiJqqum43R9A"
                                                                                                                                                                                                                                                                                                                                  via: 1.1 fly.io
                                                                                                                                                                                                                                                                                                                                  fly-request-id: 01HN160DPX6SN9N7999BX7BXK1-lax
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                  Age: 7699370
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  CF-RAY: 8791a347fc4e69e3-LAS
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:48 UTC793INData Raw: 31 62 66 66 0d 0a 76 61 72 20 77 65 62 56 69 74 61 6c 73 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 6e 2c 74 2c 72 2c 69 2c 6f 2c 61 3d 2d 31 2c 63 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 70 61 67 65 73 68 6f 77 22 2c 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6e 2e 70 65 72 73 69 73 74 65 64 26 26 28 61 3d 6e 2e 74 69 6d 65 53 74 61 6d 70 2c 65 28 6e 29 29 7d 29 2c 21 30 29 7d 2c 75 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 77 69 6e 64 6f 77 2e 70 65 72 66 6f 72 6d 61 6e 63 65 26 26 70 65 72 66 6f 72 6d 61 6e 63 65 2e 67 65 74 45 6e 74 72 69 65 73 42 79 54 79 70 65 26 26 70 65 72 66 6f 72 6d 61 6e 63 65 2e 67 65 74 45 6e 74 72 69 65 73 42 79 54
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 1bffvar webVitals=function(e){"use strict";var n,t,r,i,o,a=-1,c=function(e){addEventListener("pageshow",(function(n){n.persisted&&(a=n.timeStamp,e(n))}),!0)},u=function(){return window.performance&&performance.getEntriesByType&&performance.getEntriesByT
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:48 UTC1369INData Raw: 65 72 76 65 72 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 50 72 6f 6d 69 73 65 2e 72 65 73 6f 6c 76 65 28 29 2e 74 68 65 6e 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 28 65 2e 67 65 74 45 6e 74 72 69 65 73 28 29 29 7d 29 29 7d 29 29 3b 72 65 74 75 72 6e 20 72 2e 6f 62 73 65 72 76 65 28 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 28 7b 74 79 70 65 3a 65 2c 62 75 66 66 65 72 65 64 3a 21 30 7d 2c 74 7c 7c 7b 7d 29 29 2c 72 7d 7d 63 61 74 63 68 28 65 29 7b 7d 7d 2c 6c 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 2c 74 2c 72 29 7b 76 61 72 20 69 2c 6f 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 61 29 7b 6e 2e 76 61 6c 75 65 3e 3d 30 26 26 28 61 7c 7c 72 29 26 26 28 28 6f 3d 6e 2e 76 61 6c 75 65 2d 28 69 7c 7c 30 29 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 69 29 26 26 28
                                                                                                                                                                                                                                                                                                                                  Data Ascii: erver((function(e){Promise.resolve().then((function(){n(e.getEntries())}))}));return r.observe(Object.assign({type:e,buffered:!0},t||{})),r}}catch(e){}},l=function(e,n,t,r){var i,o;return function(a){n.value>=0&&(a||r)&&((o=n.value-(i||0))||void 0===i)&&(
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:48 UTC1369INData Raw: 63 74 69 6f 6e 28 65 2c 6e 29 7b 6e 3d 6e 7c 7c 7b 7d 2c 4c 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 2c 72 3d 43 28 29 2c 69 3d 66 28 22 46 43 50 22 29 2c 6f 3d 64 28 22 70 61 69 6e 74 22 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 22 66 69 72 73 74 2d 63 6f 6e 74 65 6e 74 66 75 6c 2d 70 61 69 6e 74 22 3d 3d 3d 65 2e 6e 61 6d 65 26 26 28 6f 2e 64 69 73 63 6f 6e 6e 65 63 74 28 29 2c 65 2e 73 74 61 72 74 54 69 6d 65 3c 72 2e 66 69 72 73 74 48 69 64 64 65 6e 54 69 6d 65 26 26 28 69 2e 76 61 6c 75 65 3d 4d 61 74 68 2e 6d 61 78 28 65 2e 73 74 61 72 74 54 69 6d 65 2d 73 28 29 2c 30 29 2c 69 2e 65 6e 74 72 69 65 73 2e 70 75 73 68 28 65 29 2c 74 28 21 30 29 29 29 7d 29 29 7d 29 29 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ction(e,n){n=n||{},L((function(){var t,r=C(),i=f("FCP"),o=d("paint",(function(e){e.forEach((function(e){"first-contentful-paint"===e.name&&(o.disconnect(),e.startTime<r.firstHiddenTime&&(i.value=Math.max(e.startTime-s(),0),i.entries.push(e),t(!0)))}))}));
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:48 UTC1369INData Raw: 28 65 2c 6e 29 7b 76 61 72 20 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 41 28 65 2c 6e 29 2c 69 28 29 7d 2c 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 28 29 7d 2c 69 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 6d 6f 76 65 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 70 6f 69 6e 74 65 72 75 70 22 2c 74 2c 49 29 2c 72 65 6d 6f 76 65 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 70 6f 69 6e 74 65 72 63 61 6e 63 65 6c 22 2c 72 2c 49 29 7d 3b 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 70 6f 69 6e 74 65 72 75 70 22 2c 74 2c 49 29 2c 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 70 6f 69 6e 74 65 72 63 61 6e 63 65 6c 22 2c 72 2c 49 29 7d 28 6e 2c 65 29 3a 41 28 6e 2c 65 29 7d 7d 2c 6b 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 5b 22 6d 6f 75 73 65 64 6f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: (e,n){var t=function(){A(e,n),i()},r=function(){i()},i=function(){removeEventListener("pointerup",t,I),removeEventListener("pointercancel",r,I)};addEventListener("pointerup",t,I),addEventListener("pointercancel",r,I)}(n,e):A(n,e)}},k=function(e){["mousedo
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:48 UTC1369INData Raw: 6e 74 72 69 65 73 3a 5b 65 5d 7d 3b 4a 5b 72 2e 69 64 5d 3d 72 2c 47 2e 70 75 73 68 28 72 29 7d 47 2e 73 6f 72 74 28 28 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 72 65 74 75 72 6e 20 6e 2e 6c 61 74 65 6e 63 79 2d 65 2e 6c 61 74 65 6e 63 79 7d 29 29 2c 47 2e 73 70 6c 69 63 65 28 31 30 29 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 64 65 6c 65 74 65 20 4a 5b 65 2e 69 64 5d 7d 29 29 7d 7d 2c 51 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 6e 3d 6e 7c 7c 7b 7d 2c 4c 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3b 6a 28 29 3b 76 61 72 20 72 2c 69 3d 66 28 22 49 4e 50 22 29 2c 6f 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 28 65 2e 69 6e 74 65 72 61 63 74 69 6f 6e 49
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ntries:[e]};J[r.id]=r,G.push(r)}G.sort((function(e,n){return n.latency-e.latency})),G.splice(10).forEach((function(e){delete J[e.id]}))}},Q=function(e,n){n=n||{},L((function(){var t;j();var r,i=f("INP"),o=function(e){e.forEach((function(e){(e.interactionI
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:48 UTC906INData Raw: 65 6e 65 72 28 65 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 73 65 74 54 69 6d 65 6f 75 74 28 75 2c 30 29 7d 29 2c 21 30 29 7d 29 29 2c 70 28 75 29 2c 63 28 28 66 75 6e 63 74 69 6f 6e 28 72 29 7b 69 3d 66 28 22 4c 43 50 22 29 2c 74 3d 6c 28 65 2c 69 2c 55 2c 6e 2e 72 65 70 6f 72 74 41 6c 6c 43 68 61 6e 67 65 73 29 2c 76 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 2e 76 61 6c 75 65 3d 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 28 29 2d 72 2e 74 69 6d 65 53 74 61 6d 70 2c 57 5b 69 2e 69 64 5d 3d 21 30 2c 74 28 21 30 29 7d 29 29 7d 29 29 7d 7d 29 29 7d 2c 59 3d 5b 38 30 30 2c 31 38 30 30 5d 2c 5a 3d 66 75 6e 63 74 69 6f 6e 20 65 28 6e 29 7b 64 6f 63 75 6d 65 6e 74 2e 70 72 65 72 65 6e 64 65 72 69 6e 67 3f 4c 28 28 66 75 6e 63 74 69 6f 6e 28
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ener(e,(function(){return setTimeout(u,0)}),!0)})),p(u),c((function(r){i=f("LCP"),t=l(e,i,U,n.reportAllChanges),v((function(){i.value=performance.now()-r.timeStamp,W[i.id]=!0,t(!0)}))}))}}))},Y=[800,1800],Z=function e(n){document.prerendering?L((function(
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:48 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  33192.168.2.74975723.1.102.27443
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                                                  User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                                                                                                                  Host: fs.microsoft.com
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC467INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                  ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                                                                  Server: ECAcc (sac/2518)
                                                                                                                                                                                                                                                                                                                                  X-CID: 11
                                                                                                                                                                                                                                                                                                                                  X-Ms-ApiVersion: Distribute 1.2
                                                                                                                                                                                                                                                                                                                                  X-Ms-Region: prod-eus2-z1
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=27191
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:49 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  X-CID: 2


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  34192.168.2.749761104.19.178.524437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC590OUTGET /scripttemplates/202401.2.0/assets/otFlat.json HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC809INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:49 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-MD5: BhDz7QN6NZvDbVeQXXKKbA==
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Thu, 07 Mar 2024 11:26:21 GMT
                                                                                                                                                                                                                                                                                                                                  x-ms-request-id: c0fceb99-901e-005f-39c4-708dbf000000
                                                                                                                                                                                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=86400
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                  Age: 75624
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  CF-RAY: 8791a34c8b620ad1-LAS
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC560INData Raw: 33 35 32 65 0d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 6e 61 6d 65 22 3a 20 22 6f 74 46 6c 61 74 22 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 68 74 6d 6c 22 3a 20 22 50 47 52 70 64 69 42 70 5a 44 30 69 62 32 35 6c 64 48 4a 31 63 33 51 74 59 6d 46 75 62 6d 56 79 4c 58 4e 6b 61 79 49 67 59 32 78 68 63 33 4d 39 49 6d 39 30 52 6d 78 68 64 43 49 2b 50 47 52 70 64 69 42 79 62 32 78 6c 50 53 4a 68 62 47 56 79 64 47 52 70 59 57 78 76 5a 79 49 67 59 58 4a 70 59 53 31 6b 5a 58 4e 6a 63 6d 6c 69 5a 57 52 69 65 54 30 69 62 32 35 6c 64 48 4a 31 63 33 51 74 63 47 39 73 61 57 4e 35 4c 58 52 6c 65 48 51 69 50 6a 78 6b 61 58 59 67 59 32 78 68 63 33 4d 39 49 6d 39 30 4c 58 4e 6b 61 79 31 6a 62 32 35
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 352e { "name": "otFlat", "html": "PGRpdiBpZD0ib25ldHJ1c3QtYmFubmVyLXNkayIgY2xhc3M9Im90RmxhdCI+PGRpdiByb2xlPSJhbGVydGRpYWxvZyIgYXJpYS1kZXNjcmliZWRieT0ib25ldHJ1c3QtcG9saWN5LXRleHQiPjxkaXYgY2xhc3M9Im90LXNkay1jb25
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 64 43 49 2b 64 47 6c 30 62 47 55 38 59 53 42 6f 63 6d 56 6d 50 53 49 6a 49 6a 35 77 62 32 78 70 59 33 6b 38 4c 32 45 2b 50 43 39 6b 61 58 59 2b 50 47 52 70 64 69 42 6a 62 47 46 7a 63 7a 30 69 62 33 51 74 5a 48 42 6b 4c 57 4e 76 62 6e 52 68 61 57 35 6c 63 69 49 2b 50 47 67 7a 49 47 4e 73 59 58 4e 7a 50 53 4a 76 64 43 31 6b 63 47 51 74 64 47 6c 30 62 47 55 69 50 6c 64 6c 49 47 4e 76 62 47 78 6c 59 33 51 67 5a 47 46 30 59 53 42 70 62 69 42 76 63 6d 52 6c 63 69 42 30 62 79 42 77 63 6d 39 32 61 57 52 6c 4f 6a 77 76 61 44 4d 2b 50 47 52 70 64 69 42 6a 62 47 46 7a 63 7a 30 69 62 33 51 74 5a 48 42 6b 4c 57 4e 76 62 6e 52 6c 62 6e 51 69 50 6a 78 77 49 47 4e 73 59 58 4e 7a 50 53 4a 76 64 43 31 6b 63 47 51 74 5a 47 56 7a 59 79 49 2b 5a 47 56 7a 59 33 4a 70 63 48 52
                                                                                                                                                                                                                                                                                                                                  Data Ascii: dCI+dGl0bGU8YSBocmVmPSIjIj5wb2xpY3k8L2E+PC9kaXY+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRhaW5lciI+PGgzIGNsYXNzPSJvdC1kcGQtdGl0bGUiPldlIGNvbGxlY3QgZGF0YSBpbiBvcmRlciB0byBwcm92aWRlOjwvaDM+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRlbnQiPjxwIGNsYXNzPSJvdC1kcGQtZGVzYyI+ZGVzY3JpcHR
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 32 39 75 49 6a 34 38 4c 32 4a 31 64 48 52 76 62 6a 34 38 4c 32 52 70 64 6a 34 38 49 53 30 74 49 45 4e 73 62 33 4e 6c 49 45 4a 31 64 48 52 76 62 69 42 46 54 6b 51 74 4c 54 34 38 4c 32 52 70 64 6a 34 38 4c 32 52 70 64 6a 34 3d 22 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 63 73 73 22 3a 20 22 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 31 38 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 29 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 46 6c 61 74 7b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 7a 2d 69 6e 64 65 78 3a 32 31 34 37 34 38 33 36 34 35 3b 62 6f 74 74 6f 6d 3a 30 3b 72 69 67 68 74 3a 30 3b 6c 65 66 74 3a 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 29uIj48L2J1dHRvbj48L2Rpdj48IS0tIENsb3NlIEJ1dHRvbiBFTkQtLT48L2Rpdj48L2Rpdj4=", "css": "#onetrust-banner-sdk{box-shadow:0 0 18px rgba(0,0,0,.2)}#onetrust-banner-sdk.otFlat{position:fixed;z-index:2147483645;bottom:0;right:0;left:0;background-
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 6b 20 23 6f 6e 65 74 72 75 73 74 2d 70 6f 6c 69 63 79 2d 74 69 74 6c 65 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 6e 65 74 72 75 73 74 2d 70 6f 6c 69 63 79 2d 74 65 78 74 7b 63 6f 6c 6f 72 3a 64 69 6d 67 72 61 79 3b 66 6c 6f 61 74 3a 6c 65 66 74 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 6e 65 74 72 75 73 74 2d 62 75 74 74 6f 6e 2d 67 72 6f 75 70 2d 70 61 72 65 6e 74 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 70 78 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 6e 65 74 72 75 73 74 2d 62 75 74 74 6f 6e 2d 67 72 6f 75 70 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: k #onetrust-policy-title,#onetrust-banner-sdk #onetrust-policy-text{color:dimgray;float:left}#onetrust-banner-sdk #onetrust-button-group-parent{min-height:1px;text-align:center}#onetrust-banner-sdk #onetrust-button-group{display:inline-block}#onetrust-ban
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 6e 6e 65 72 2d 6f 70 74 69 6f 6e 2d 69 6e 70 75 74 7b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 77 69 64 74 68 3a 61 75 74 6f 3b 68 65 69 67 68 74 3a 61 75 74 6f 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 30 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 32 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 34 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 62 61 6e 6e 65 72 2d 6f 70 74 69 6f 6e 2d 69 6e 70 75 74 20 2a 7b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f 6e 65 3b 66 6f 6e 74 2d 73 69 7a 65 3a 69 6e 68 65 72 69 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 23 6f 6e 65 74 72 75 73 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: nner-option-input{cursor:pointer;width:auto;height:auto;border:none;padding:0;padding-right:3px;margin:0 0 10px;font-size:.82em;line-height:1.4}#onetrust-banner-sdk .banner-option-input *{pointer-events:none;font-size:inherit;line-height:inherit}#onetrust
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 64 6b 20 2e 6f 74 2d 61 72 72 6f 77 2d 63 6f 6e 74 61 69 6e 65 72 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 62 61 6e 6e 65 72 2d 6f 70 74 69 6f 6e 2d 64 65 74 61 69 6c 73 7b 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 33 30 30 6d 73 20 65 61 73 65 2d 69 6e 20 30 73 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 33 30 30 6d 73 20 65 61 73 65 2d 69 6e 20 30 73 3b 2d 6d 6f 7a 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 33 30 30 6d 73 20 65 61 73 65 2d 69 6e 20 30 73 3b 2d 6f 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 33 30 30 6d 73 20 65 61 73 65 2d 69 6e 20 30 73 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 64 70 64 2d 63 6f 6e 74 61 69 6e 65 72 7b 66 6c 6f 61 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: dk .ot-arrow-container,#onetrust-banner-sdk .banner-option-details{transition:all 300ms ease-in 0s;-webkit-transition:all 300ms ease-in 0s;-moz-transition:all 300ms ease-in 0s;-o-transition:all 300ms ease-in 0s}#onetrust-banner-sdk .ot-dpd-container{float
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 72 2d 73 64 6b 20 2e 6f 74 2d 64 70 64 2d 64 65 73 63 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 30 70 78 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 64 70 64 2d 64 65 73 63 3e 2e 6f 74 2d 62 2d 61 64 64 6c 2d 64 65 73 63 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 34 32 35 70 78 29 7b 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 6e 65 74 72 75 73 74 2d 63 6c 6f 73 65 2d 62 74 6e 2d 63 6f 6e 74 61 69 6e 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 36 70 78
                                                                                                                                                                                                                                                                                                                                  Data Ascii: r-sdk .ot-dpd-desc{margin-bottom:10px}#onetrust-banner-sdk .ot-dpd-desc>.ot-b-addl-desc{margin-top:10px;margin-bottom:10px;font-size:1em}@media only screen and (max-width: 425px){#onetrust-banner-sdk #onetrust-close-btn-container{position:absolute;top:6px
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 73 64 6b 20 23 6f 6e 65 74 72 75 73 74 2d 62 75 74 74 6f 6e 2d 67 72 6f 75 70 20 62 75 74 74 6f 6e 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 6e 65 74 72 75 73 74 2d 62 75 74 74 6f 6e 2d 67 72 6f 75 70 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 30 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 68 61 73 2d 72 65 6a 65 63 74 2d 61 6c 6c 2d 62 75 74 74 6f 6e 20 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 62 74 6e 2d 68 61 6e 64 6c 65 72 7b 66 6c 6f 61 74 3a 6c 65 66 74 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 68 61 73 2d 72 65 6a 65 63 74 2d 61 6c 6c 2d 62 75 74 74 6f 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: sdk #onetrust-button-group button{display:inline-block}#onetrust-banner-sdk #onetrust-button-group{margin-right:0;text-align:center}#onetrust-banner-sdk .has-reject-all-button #onetrust-pc-btn-handler{float:left}#onetrust-banner-sdk .has-reject-all-button
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 72 75 73 74 2d 72 65 6a 65 63 74 2d 61 6c 6c 2d 68 61 6e 64 6c 65 72 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 2d 69 61 62 2d 32 20 23 6f 6e 65 74 72 75 73 74 2d 62 75 74 74 6f 6e 2d 67 72 6f 75 70 20 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 62 74 6e 2d 68 61 6e 64 6c 65 72 7b 77 69 64 74 68 3a 31 30 30 25 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 2d 69 61 62 2d 32 20 23 6f 6e 65 74 72 75 73 74 2d 62 75 74 74 6f 6e 2d 67 72 6f 75 70 20 23 6f 6e 65 74 72 75 73 74 2d 61 63 63 65 70 74 2d 62 74 6e 2d 68 61 6e 64 6c 65 72 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 2d 69 61 62 2d 32 20 23 6f 6e 65 74 72 75 73 74 2d 62 75 74 74 6f 6e 2d 67 72 6f 75 70 20 23 6f 6e 65 74 72 75
                                                                                                                                                                                                                                                                                                                                  Data Ascii: rust-reject-all-handler,#onetrust-banner-sdk.ot-iab-2 #onetrust-button-group #onetrust-pc-btn-handler{width:100%}#onetrust-banner-sdk.ot-iab-2 #onetrust-button-group #onetrust-accept-btn-handler,#onetrust-banner-sdk.ot-iab-2 #onetrust-button-group #onetru
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 72 61 6e 73 6c 61 74 65 59 28 2d 35 30 25 29 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 6f 70 74 6f 75 74 2d 73 69 67 6e 61 6c 7b 77 69 64 74 68 3a 35 30 25 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 2d 69 61 62 2d 32 20 23 6f 6e 65 74 72 75 73 74 2d 70 6f 6c 69 63 79 2d 74 69 74 6c 65 7b 77 69 64 74 68 3a 35 30 25 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 2d 69 61 62 2d 32 20 23 6f 6e 65 74 72 75 73 74 2d 70 6f 6c 69 63 79 2d 74 65 78 74 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 2d 69 61 62 2d 32 20 3a 6e 6f 74 28 2e 6f 74 2d 64 70 64 2d 64 65 73 63 29 3e 2e 6f 74 2d 62 2d 61 64 64 6c 2d 64 65 73 63 7b 6d 61 72 67 69 6e 2d 62 6f 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ranslateY(-50%)}#onetrust-banner-sdk .ot-optout-signal{width:50%}#onetrust-banner-sdk.ot-iab-2 #onetrust-policy-title{width:50%}#onetrust-banner-sdk.ot-iab-2 #onetrust-policy-text,#onetrust-banner-sdk.ot-iab-2 :not(.ot-dpd-desc)>.ot-b-addl-desc{margin-bot


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  35192.168.2.749762104.19.178.524437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC597OUTGET /scripttemplates/202401.2.0/assets/otCommonStyles.css HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC826INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:49 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/css
                                                                                                                                                                                                                                                                                                                                  Content-Length: 21778
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-MD5: c7xAZ9MSGAobGaTYg/Qtag==
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Thu, 07 Mar 2024 11:26:34 GMT
                                                                                                                                                                                                                                                                                                                                  ETag: 0x8DC3E9971F9F305
                                                                                                                                                                                                                                                                                                                                  x-ms-request-id: ad841837-801e-007c-19de-70177c000000
                                                                                                                                                                                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=86400
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                  Age: 75624
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  CF-RAY: 8791a34c8b2d0ad7-LAS
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC543INData Raw: 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 7b 2d 6d 73 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 31 30 30 25 3b 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 31 30 30 25 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 6e 65 74 72 75 73 74 2d 76 65 6e 64 6f 72 73 2d 6c 69 73 74 2d 68 61 6e 64 6c 65 72 7b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 63 6f 6c 6f 72 3a 23 31 66 39 36 64 62 3b 66 6f 6e 74 2d 73 69 7a 65 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 35 70 78 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 6e 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: #onetrust-banner-sdk{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}#onetrust-banner-sdk .onetrust-vendors-list-handler{cursor:pointer;color:#1f96db;font-size:inherit;font-weight:bold;text-decoration:none;margin-left:5px}#onetrust-banner-sdk .one
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 6b 20 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 62 74 6e 2d 68 61 6e 64 6c 65 72 7b 6f 75 74 6c 69 6e 65 2d 6f 66 66 73 65 74 3a 31 70 78 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 2d 62 6e 72 2d 77 2d 6c 6f 67 6f 20 2e 6f 74 2d 62 6e 72 2d 6c 6f 67 6f 7b 68 65 69 67 68 74 3a 36 34 70 78 3b 77 69 64 74 68 3a 36 34 70 78 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 74 63 66 32 2d 76 65 6e 64 6f 72 2d 63 6f 75 6e 74 2e 6f 74 2d 74 65 78 74 2d 62 6f 6c 64 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 63 6c 6f 73 65 2d 69 63 6f 6e 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 63 6c 6f 73 65 2d 69 63
                                                                                                                                                                                                                                                                                                                                  Data Ascii: k #onetrust-pc-btn-handler{outline-offset:1px}#onetrust-banner-sdk.ot-bnr-w-logo .ot-bnr-logo{height:64px;width:64px}#onetrust-banner-sdk .ot-tcf2-vendor-count.ot-text-bold{font-weight:bold}#onetrust-banner-sdk .ot-close-icon,#onetrust-pc-sdk .ot-close-ic
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 79 6e 63 2d 6e 74 66 79 20 62 75 74 74 6f 6e 20 2a 2c 23 6f 74 2d 73 79 6e 63 2d 6e 74 66 79 20 61 5b 64 61 74 61 2d 70 61 72 65 6e 74 2d 69 64 5d 20 2a 7b 66 6f 6e 74 2d 73 69 7a 65 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 69 6e 68 65 72 69 74 3b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 68 69 64 65 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 68 69 64 65 2c 23 6f 74 2d 73 79 6e 63 2d 6e 74 66 79 20 2e 6f 74 2d 68 69 64 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 62 75 74 74 6f 6e 2e 6f 74 2d 6c 69 6e 6b 2d 62 74 6e 3a 68 6f 76 65 72 2c 23 6f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ync-ntfy button *,#ot-sync-ntfy a[data-parent-id] *{font-size:inherit;font-weight:inherit;color:inherit}#onetrust-banner-sdk .ot-hide,#onetrust-pc-sdk .ot-hide,#ot-sync-ntfy .ot-hide{display:none !important}#onetrust-banner-sdk button.ot-link-btn:hover,#o
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 63 65 6e 74 65 72 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 63 6f 6e 74 61 69 6e 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 6e 6f 2d 72 65 70 65 61 74 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 66 6c 65 78 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 3b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 7d 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 70 63 2d 6c 6f 67 6f 20 69 6d 67 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 70 63 2d 6c 6f 67 6f 20 69 6d 67 7b 6d 61 78 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 7d 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 73 63 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ackground-position:center;background-size:contain;background-repeat:no-repeat;display:inline-flex;justify-content:center;align-items:center}#onetrust-pc-sdk .pc-logo img,#onetrust-pc-sdk .ot-pc-logo img{max-height:100%;max-width:100%}#onetrust-pc-sdk .scr
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 6e 65 74 72 75 73 74 2d 66 61 64 65 2d 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 2e 6f 74 2d 63 6f 6f 6b 69 65 2d 6c 61 62 65 6c 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 34 32 36 70 78 29 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 38 39 36 70 78 29 61 6e 64 20 28 6f 72 69 65 6e 74 61 74 69 6f 6e 3a 20 6c 61 6e 64 73 63 61 70 65 29 7b 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 70 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 35 65 6d 7d 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 62 61 6e 6e 65 72 2d 6f 70 74 69 6f 6e 2d 69 6e 70
                                                                                                                                                                                                                                                                                                                                  Data Ascii: netrust-fade-in{0%{opacity:0}100%{opacity:1}}.ot-cookie-label{text-decoration:underline}@media only screen and (min-width: 426px)and (max-width: 896px)and (orientation: landscape){#onetrust-pc-sdk p{font-size:.75em}}#onetrust-banner-sdk .banner-option-inp
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 61 79 3a 69 6e 6c 69 6e 65 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 35 70 78 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 6f 70 74 6f 75 74 2d 73 69 67 6e 61 6c 20 73 76 67 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 6f 70 74 6f 75 74 2d 73 69 67 6e 61 6c 20 73 76 67 7b 68 65 69 67 68 74 3a 32 30 70 78 3b 77 69 64 74 68 3a 33 30 70 78 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 30 2e 35 29 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 6f 70 74 6f 75 74 2d 73 69 67 6e 61 6c 20 73 76 67 20 70 61 74 68 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 6f 70 74 6f 75 74 2d 73 69 67 6e 61 6c 20 73 76 67 20 70 61 74 68 7b 66 69 6c 6c 3a 23 33 32 61 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ay:inline;margin-right:5px}#onetrust-banner-sdk .ot-optout-signal svg,#onetrust-pc-sdk .ot-optout-signal svg{height:20px;width:30px;transform:scale(0.5)}#onetrust-banner-sdk .ot-optout-signal svg path,#onetrust-pc-sdk .ot-optout-signal svg path{fill:#32ae
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 74 6f 67 67 6c 65 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 74 2d 63 6f 6e 74 65 6e 74 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 74 2d 70 63 2d 63 6f 6e 74 65 6e 74 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 63 68 65 63 6b 62 6f 78 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 64 69 76 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 73 70 61 6e 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 68 31 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 68 32 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 68 33 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 68 34 2c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: #onetrust-banner-sdk .ot-toggle,#onetrust-banner-sdk #ot-content,#onetrust-banner-sdk #ot-pc-content,#onetrust-banner-sdk .checkbox,#onetrust-pc-sdk div,#onetrust-pc-sdk span,#onetrust-pc-sdk h1,#onetrust-pc-sdk h2,#onetrust-pc-sdk h3,#onetrust-pc-sdk h4,
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 74 64 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 74 62 6f 64 79 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 2e 6f 74 2d 6d 61 69 6e 2d 63 6f 6e 74 65 6e 74 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 2e 6f 74 2d 74 6f 67 67 6c 65 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 23 6f 74 2d 63 6f 6e 74 65 6e 74 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 23 6f 74 2d 70 63 2d 63 6f 6e 74 65 6e 74 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 2e 63 68 65 63 6b 62 6f 78 2c 23 6f 74 2d 73 79 6e 63 2d 6e 74 66 79 20 64 69 76 2c 23 6f 74 2d 73 79 6e 63 2d 6e 74 66 79
                                                                                                                                                                                                                                                                                                                                  Data Ascii: sdk-cookie-policy td,#ot-sdk-cookie-policy tbody,#ot-sdk-cookie-policy .ot-main-content,#ot-sdk-cookie-policy .ot-toggle,#ot-sdk-cookie-policy #ot-content,#ot-sdk-cookie-policy #ot-pc-content,#ot-sdk-cookie-policy .checkbox,#ot-sync-ntfy div,#ot-sync-ntfy
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 65 72 2d 73 64 6b 20 6c 61 62 65 6c 3a 61 66 74 65 72 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 63 68 65 63 6b 62 6f 78 3a 61 66 74 65 72 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 63 68 65 63 6b 62 6f 78 3a 62 65 66 6f 72 65 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 6c 61 62 65 6c 3a 62 65 66 6f 72 65 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 6c 61 62 65 6c 3a 61 66 74 65 72 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 63 68 65 63 6b 62 6f 78 3a 61 66 74 65 72 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 63 68 65 63 6b 62 6f 78 3a 62 65 66 6f 72 65 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 6c 61 62 65 6c 3a 62 65 66 6f 72 65 2c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: er-sdk label:after,#onetrust-banner-sdk .checkbox:after,#onetrust-banner-sdk .checkbox:before,#onetrust-pc-sdk label:before,#onetrust-pc-sdk label:after,#onetrust-pc-sdk .checkbox:after,#onetrust-pc-sdk .checkbox:before,#ot-sdk-cookie-policy label:before,
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC1369INData Raw: 6b 2d 63 6f 6c 75 6d 6e 73 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 73 64 6b 2d 63 6f 6c 75 6d 6e 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 73 64 6b 2d 63 6f 6c 75 6d 6e 73 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 2e 6f 74 2d 73 64 6b 2d 63 6f 6c 75 6d 6e 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 2e 6f 74 2d 73 64 6b 2d 63 6f 6c 75 6d 6e 73 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 34 25 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 73 64 6b 2d 63 6f 6c 75 6d 6e 3a 66 69 72 73 74 2d 63 68 69 6c 64 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 73 64 6b 2d 63 6f 6c 75 6d 6e 73 3a 66 69 72 73 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: k-columns,#onetrust-pc-sdk .ot-sdk-column,#onetrust-pc-sdk .ot-sdk-columns,#ot-sdk-cookie-policy .ot-sdk-column,#ot-sdk-cookie-policy .ot-sdk-columns{margin-left:4%}#onetrust-banner-sdk .ot-sdk-column:first-child,#onetrust-banner-sdk .ot-sdk-columns:first


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  36192.168.2.749759142.251.2.1564437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC853OUTPOST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111455-74&cid=925834404.1713914987&jid=629508174&gjid=478797266&_gid=1225407003.1713914987&_u=aGDAiEABBAAAAGAFKC~&z=1747705249 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: stats.g.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC593INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:49 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Sun, 17 May 1998 03:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Server: Golfe2
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC2INData Raw: 31 67
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 1g


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  37192.168.2.749758142.251.2.1564437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC853OUTPOST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111455-1&cid=925834404.1713914987&jid=1541579741&gjid=934141005&_gid=1225407003.1713914987&_u=aGBAiEABBAAAAGAFKC~&z=2074653487 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: stats.g.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC593INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:49 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Sun, 17 May 1998 03:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Server: Golfe2
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC2INData Raw: 31 67
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 1g


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  38192.168.2.74976313.226.225.314437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC547OUTGET /modules.588629dd3c10b20ab52d.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: script.hotjar.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC718INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Content-Length: 225718
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 14:47:12 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  ETag: "d78f803b3665558f63f048e3a8740d4b"
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Tue, 23 Apr 2024 14:46:56 GMT
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=2592000; includeSubDomains
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Robots-Tag: none
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 192a3b8b8f8d6d8997f0a7df9cf5f1be.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX50-C2
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: Jy23JAQVeh5U7Im3X-PCB7l6B445CWGrzRBYzATvf11XYMaB0Eepsg==
                                                                                                                                                                                                                                                                                                                                  Age: 31357
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC15666INData Raw: 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 6d 6f 64 75 6c 65 73 2e 35 38 38 36 32 39 64 64 33 63 31 30 62 32 30 61 62 35 32 64 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 7b 34 37 38 38 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 6e 2e 64 28 74 2c 7b 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 72 7d 7d 29 3b 63 6f 6e 73 74 20 72 3d 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 28 7b 49 44 45 4e 54 49 46 59 5f 55 53 45 52 3a 22 69 64 65 6e 74 69 66 79 5f 75 73 65 72 22 2c 41 55 54 4f 54 41 47 5f 52 45 43 4f 52 44 49 4e 47 3a 22 61 75 74 6f 74 61 67 5f 72 65 63 6f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: /*! For license information please see modules.588629dd3c10b20ab52d.js.LICENSE.txt */!function(){var e={4788:function(e,t,n){"use strict";n.d(t,{s:function(){return r}});const r=Object.freeze({IDENTIFY_USER:"identify_user",AUTOTAG_RECORDING:"autotag_reco
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC16384INData Raw: 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 65 2e 72 75 6e 43 61 6c 6c 62 61 63 6b 28 29 2c 74 2e 61 63 74 69 76 65 57 69 64 67 65 74 3d 65 7d 29 29 7d 2c 74 2e 73 65 74 4c 61 6e 67 75 61 67 65 3d 68 6a 2e 74 72 79 43 61 74 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 21 75 2e 69 6e 63 6c 75 64 65 73 28 74 29 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 27 49 6e 76 61 6c 69 64 20 6c 61 6e 67 75 61 67 65 20 22 27 2b 74 2b 27 22 27 29 3b 65 3d 74 2c 68 6a 2e 77 69 64 67 65 74 2e 61 63 74 69 76 65 4c 61 6e 67 75 61 67 65 44 69 72 65 63 74 69 6f 6e 3d 6e 2e 69 6e 64 65 78 4f 66 28 74 29 3e 2d 31 3f 22 72 74 6c 22 3a 22 6c 74 72 22 2c 68 6a 2e 77 69 64 67 65 74 2e 69 73 41 63 74 69 76 65 4c 61 6e 67 75 61 67 65 44 69 72 65 63 74 69 6f 6e 52 74 6c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ((function(){e.runCallback(),t.activeWidget=e}))},t.setLanguage=hj.tryCatch((function(t){if(!u.includes(t))throw new Error('Invalid language "'+t+'"');e=t,hj.widget.activeLanguageDirection=n.indexOf(t)>-1?"rtl":"ltr",hj.widget.isActiveLanguageDirectionRtl
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC16384INData Raw: 28 68 6a 2e 74 72 79 43 61 74 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 2f 5e 28 28 5b 5e 3c 3e 28 29 5b 5c 5d 5c 5c 2e 2c 3b 3a 5c 73 40 22 5d 2b 28 5c 2e 5b 5e 3c 3e 28 29 5b 5c 5d 5c 5c 2e 2c 3b 3a 5c 73 40 22 5d 2b 29 2a 29 7c 28 22 2e 2b 22 29 29 40 28 28 5c 5b 5b 30 2d 39 5d 7b 31 2c 33 7d 5c 2e 5b 30 2d 39 5d 7b 31 2c 33 7d 5c 2e 5b 30 2d 39 5d 7b 31 2c 33 7d 5c 2e 5b 30 2d 39 5d 7b 31 2c 33 7d 5d 29 7c 28 28 5b 61 2d 7a 41 2d 5a 5c 2d 30 2d 39 5d 2b 5c 2e 29 2b 5b 61 2d 7a 41 2d 5a 5d 7b 32 2c 7d 29 29 24 2f 2e 74 65 73 74 28 65 29 7d 29 2c 22 75 74 69 6c 73 2e 76 61 6c 69 64 61 74 65 45 6d 61 69 6c 22 29 2c 68 6a 2e 74 72 79 43 61 74 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 68 6a 2e 75 73 65 72 44
                                                                                                                                                                                                                                                                                                                                  Data Ascii: (hj.tryCatch((function(e){return/^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/.test(e)}),"utils.validateEmail"),hj.tryCatch((function(){return hj.userD
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC16384INData Raw: 30 3b 65 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 65 2b 3d 31 29 74 68 69 73 5b 74 68 69 73 2e 6c 65 6e 67 74 68 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 65 5d 3b 72 65 74 75 72 6e 20 63 28 29 2c 74 68 69 73 2e 6c 65 6e 67 74 68 7d 7d 29 2c 6e 2e 6c 65 6e 67 74 68 3e 30 26 26 63 28 29 29 7d 2c 68 6a 2e 69 6e 69 74 69 61 6c 56 69 73 69 74 44 61 74 61 53 65 6e 74 26 26 65 2e 61 63 74 69 76 61 74 65 28 29 2c 65 7d 28 29 2c 21 30 29 7d 29 2c 22 63 6f 6d 6d 61 6e 64 22 29 28 29 7d 2c 31 32 32 39 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 6e 2e 72 28 74 29 3b 76 61 72 20 72 3d 6e 28 34 37 38 38 29 2c 6f 3d 6e 28 36 39 33 39 29 2c 69 3d 6e 28 35 36 35 38 29 2c 61 3d 6e 28 36 38 34 39 29 2c 73 3d 6e 28 36 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0;e<arguments.length;e+=1)this[this.length]=arguments[e];return c(),this.length}}),n.length>0&&c())},hj.initialVisitDataSent&&e.activate(),e}(),!0)}),"command")()},1229:function(e,t,n){"use strict";n.r(t);var r=n(4788),o=n(6939),i=n(5658),a=n(6849),s=n(67
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC16384INData Raw: 65 62 75 67 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2c 74 72 61 63 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2c 6c 6f 67 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2c 69 6e 66 6f 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2c 77 61 72 6e 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2c 65 72 72 6f 72 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 7d 29 7d 2c 64 65 62 75 67 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 3d 74 26 26 75 5b 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 5d 7c 7c 22 23 32 61 39 64 38 66 22 3b 63 21 3d 65 26 26 73 26 26 28 63 6f 6e 73 6f 6c 65 2e 67 72 6f 75 70 45 6e 64 28 29 2c 73 3d 21 31 29 2c 63 3d 65 2c 76 6f 69 64 20 30 21 3d 3d 68 6a 2e 64 65 62 75 67 26 26 68 6a 2e 64 65 62 75 67 2e 69 73 4f 6e 28 29 26 26 28 22 6f 62 6a 65 63
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ebug:function(){},trace:function(){},log:function(){},info:function(){},warn:function(){},error:function(){}})},debug:function(e,t,n){var r=t&&u[t.toLowerCase()]||"#2a9d8f";c!=e&&s&&(console.groupEnd(),s=!1),c=e,void 0!==hj.debug&&hj.debug.isOn()&&("objec
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC16384INData Raw: 6e 5b 74 5d 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 72 7c 7c 21 72 2e 6c 65 6e 67 74 68 29 7d 29 29 29 29 29 29 29 29 7d 29 2c 22 4d 75 74 61 74 69 6f 6e 53 75 6d 6d 61 72 79 2e 63 68 61 6e 67 65 73 54 6f 52 65 70 6f 72 74 22 29 2c 74 68 69 73 2e 6f 62 73 65 72 76 65 72 43 61 6c 6c 62 61 63 6b 3d 68 6a 2e 74 72 79 43 61 74 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 65 26 26 65 2e 6c 65 6e 67 74 68 29 7b 76 61 72 20 74 3d 6e 65 77 20 56 28 6e 2e 72 6f 6f 74 2c 65 2c 6e 2e 6f 70 74 69 6f 6e 73 2e 6f 6c 64 50 72 65 76 69 6f 75 73 53 69 62 6c 69 6e 67 29 2c 72 3d 6e 65 77 20 71 28 74 29 3b 6e 2e 63 68 61 6e 67 65 73 54 6f 52 65 70 6f 72 74 28 72 29 26 26 6e 2e 63 61 6c 6c 62 61 63 6b 28 72 29 7d 7d 29 2c 22 4d 75 74 61 74 69 6f 6e 53 75 6d 6d 61 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: n[t])||void 0===r||!r.length)}))))))))}),"MutationSummary.changesToReport"),this.observerCallback=hj.tryCatch((function(e){if(e&&e.length){var t=new V(n.root,e,n.options.oldPreviousSibling),r=new q(t);n.changesToReport(r)&&n.callback(r)}}),"MutationSummar
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC16384INData Raw: 72 5d 2b 22 2f 2a 20 4f 72 69 67 69 6e 61 6c 6c 79 3a 20 3c 6c 69 6e 6b 20 22 3b 66 6f 72 28 76 61 72 20 75 3d 30 2c 6c 3d 61 2e 6c 65 6e 67 74 68 3b 75 3c 6c 3b 75 2b 2b 29 22 69 64 22 21 3d 3d 61 5b 75 5d 2e 6e 61 6d 65 26 26 22 63 6c 61 73 73 22 21 3d 3d 61 5b 75 5d 2e 6e 61 6d 65 7c 7c 63 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 61 5b 75 5d 2e 6e 61 6d 65 2c 61 5b 75 5d 2e 76 61 6c 75 65 29 2c 69 5b 65 2e 70 61 72 65 6e 74 53 65 6c 65 63 74 6f 72 5d 2b 3d 61 5b 75 5d 2e 6e 61 6d 65 2b 27 3d 22 27 2b 61 5b 75 5d 2e 76 61 6c 75 65 2b 27 22 20 27 3b 69 5b 65 2e 70 61 72 65 6e 74 53 65 6c 65 63 74 6f 72 5d 2b 3d 22 3e 20 2a 2f 22 2c 63 2e 63 6c 61 73 73 4c 69 73 74 2e 61 64 64 28 22 62 6c 6f 62 2d 68 61 73 68 2d 22 2b 73 29 2c 6f 2e 70 61 72 65 6e 74 4e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: r]+"/* Originally: <link ";for(var u=0,l=a.length;u<l;u++)"id"!==a[u].name&&"class"!==a[u].name||c.setAttribute(a[u].name,a[u].value),i[e.parentSelector]+=a[u].name+'="'+a[u].value+'" ';i[e.parentSelector]+="> */",c.classList.add("blob-hash-"+s),o.parentN
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC16384INData Raw: 68 2c 64 2c 66 2c 67 3d 7b 7d 2c 70 3d 22 22 2c 76 3d 76 6f 69 64 20 30 2c 6d 3d 6e 75 6c 6c 2c 79 3d 21 31 2c 6a 3d 69 2e 66 5f 2e 6e 6f 77 28 29 2c 62 3d 21 31 3b 67 2e 65 76 65 6e 74 73 3d 5b 5d 2c 67 2e 73 74 6f 72 65 50 61 67 65 43 6f 6e 74 65 6e 74 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 29 7b 68 6a 2e 6c 6f 67 2e 77 61 72 6e 49 66 45 6d 70 74 79 28 74 2c 22 74 72 79 53 74 6f 72 65 50 61 67 65 43 6f 6e 74 65 6e 74 3a 20 63 6f 6e 74 65 6e 74 22 29 2c 68 6a 2e 6c 6f 67 2e 77 61 72 6e 49 66 45 6d 70 74 79 28 6e 2c 22 74 72 79 53 74 6f 72 65 50 61 67 65 43 6f 6e 74 65 6e 74 3a 20 75 72 6c 4d 44 35 22 29 2c 65 2e 73 74 6f 72 65 50 61 67 65 43 6f 6e 74 65 6e 74 28 74 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 2e 63 6f 6e 74 65 6e 74 5f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: h,d,f,g={},p="",v=void 0,m=null,y=!1,j=i.f_.now(),b=!1;g.events=[],g.storePageContent=function(t,n){hj.log.warnIfEmpty(t,"tryStorePageContent: content"),hj.log.warnIfEmpty(n,"tryStorePageContent: urlMD5"),e.storePageContent(t,(function(e){var t=e.content_
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC16384INData Raw: 26 22 73 79 6d 62 6f 6c 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 3f 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 79 70 65 6f 66 20 65 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 53 79 6d 62 6f 6c 26 26 65 21 3d 3d 53 79 6d 62 6f 6c 2e 70 72 6f 74 6f 74 79 70 65 3f 22 73 79 6d 62 6f 6c 22 3a 74 79 70 65 6f 66 20 65 7d 2c 5f 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 43 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 6e 3d 30 3b 6e 3c 74 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 7b 76 61 72 20 72 3d 74 5b 6e 5d 3b 72 2e 65 6e 75 6d 65 72 61 62 6c 65 3d 72 2e 65 6e 75 6d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: &"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},_(e)}function C(e,t){for(var n=0;n<t.length;n++){var r=t[n];r.enumerable=r.enum
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:50 UTC16384INData Raw: 26 76 6f 69 64 20 30 21 3d 3d 68 3f 68 3a 61 2e 66 5f 2e 6e 6f 77 28 29 2c 5f 3d 6e 75 6c 6c 21 3d 3d 28 64 3d 6e 75 6c 6c 3d 3d 69 3f 76 6f 69 64 20 30 3a 69 2e 69 6e 53 61 6d 70 6c 65 29 26 26 76 6f 69 64 20 30 21 3d 3d 64 26 26 64 2c 43 3d 6e 75 6c 6c 21 3d 3d 28 70 3d 28 6e 75 6c 6c 3d 3d 69 3f 76 6f 69 64 20 30 3a 69 2e 72 65 63 6f 72 64 69 6e 67 45 6e 61 62 6c 65 64 29 26 26 5f 29 26 26 76 6f 69 64 20 30 21 3d 3d 70 26 26 70 2c 7b 69 64 3a 77 2c 63 72 65 61 74 65 64 3a 53 2c 69 6e 53 61 6d 70 6c 65 3a 5f 2c 73 65 73 73 69 6f 6e 69 7a 65 72 42 65 74 61 45 6e 61 62 6c 65 64 3a 6e 75 6c 6c 21 3d 3d 28 76 3d 6e 75 6c 6c 3d 3d 69 3f 76 6f 69 64 20 30 3a 69 2e 73 65 73 73 69 6f 6e 69 7a 65 72 42 65 74 61 45 6e 61 62 6c 65 64 29 26 26 76 6f 69 64 20 30 21
                                                                                                                                                                                                                                                                                                                                  Data Ascii: &void 0!==h?h:a.f_.now(),_=null!==(d=null==i?void 0:i.inSample)&&void 0!==d&&d,C=null!==(p=(null==i?void 0:i.recordingEnabled)&&_)&&void 0!==p&&p,{id:w,created:S,inSample:_,sessionizerBetaEnabled:null!==(v=null==i?void 0:i.sessionizerBetaEnabled)&&void 0!


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  39192.168.2.749760192.29.11.1424437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC723OUTGET /visitor/v200/svrGP?pps=3&siteid=1325&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref2=elqNone&tzo=-60&ms=762&optin=disabled HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: s1325.t.eloqua.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC901INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-store
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  Location: https://s1325.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1325&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref2=elqNone&tzo=-60&ms=762&optin=disabled&elqCookie=1
                                                                                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow
                                                                                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  Set-Cookie: ELOQUA=GUID=A19FC9146C534783A26EBA38F50B2A88; domain=.eloqua.com; expires=Fri, 23-May-2025 23:29:49 GMT; path=/;SameSite=None; secure
                                                                                                                                                                                                                                                                                                                                  Set-Cookie: ELQSTATUS=OK; domain=.eloqua.com; expires=Fri, 23-May-2025 23:29:49 GMT; path=/;SameSite=None; secure
                                                                                                                                                                                                                                                                                                                                  P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:49 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-Length: 335
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:49 UTC335INData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 31 33 32 35 2e 74 2e 65 6c 6f 71 75 61 2e 63 6f 6d 2f 76 69 73 69 74 6f 72 2f 76 32 30 30 2f 73 76 72 47 50 2e 61 73 70 78 3f 70 70 73 3d 33 26 61 6d 70 3b 73 69 74 65 69 64 3d 31 33 32 35 26 61 6d 70 3b 72 65 66 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 77 77 77 2e 74 65 6c 65 72 69 6b 2e 63 6f 6d 25 32 46 64 6f 77 6e 6c 6f 61 64 25 32 46 66 69 64 64 6c 65 72 25 32 46 66 69 72 73 74 2d 72 75 6e 26 61 6d 70 3b 72 65 66 32 3d 65 6c 71 4e 6f 6e 65 26 61 6d 70 3b 74 7a 6f 3d 2d 36 30
                                                                                                                                                                                                                                                                                                                                  Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="https://s1325.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&amp;siteid=1325&amp;ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&amp;ref2=elqNone&amp;tzo=-60


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  40192.168.2.74976574.125.137.1564437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:50 UTC931OUTGET /td/ga/rul?tid=G-9JSNBCSF54&gacid=925834404.1713914987&gtm=45je44m0v9167661709z8536291za200&dma=0&gcs=G111&gcd=13v3v3v3v5&npa=0&pscdl=noapi&aip=1&fledge=1&z=1283479480 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: td.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: iframe
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:50 UTC785INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:50 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 23-Apr-2024 23:44:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: none
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:50 UTC18INData Raw: 64 0d 0a 3c 68 74 6d 6c 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: d<html></html>
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:50 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  41192.168.2.749766192.29.11.1424437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC808OUTGET /visitor/v200/svrGP.aspx?pps=3&siteid=1325&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref2=elqNone&tzo=-60&ms=762&optin=disabled&elqCookie=1 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: s1325.t.eloqua.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: ELOQUA=GUID=A19FC9146C534783A26EBA38F50B2A88; ELQSTATUS=OK
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC418INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-store
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow
                                                                                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:51 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-Length: 49
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC49INData Raw: 47 49 46 38 39 61 01 00 01 00 91 ff 00 ff ff ff 00 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 02 00 2c 00 00 00 00 01 00 01 00 00 02 02 54 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,T;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  42192.168.2.74976713.226.251.884437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC578OUTGET /external-assets/1.0.22/utils/store-lead-data.min.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: d6vtbcy3ong79.cloudfront.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC512INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                                                  Content-Length: 1504
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,max-age=31536000
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Wed, 10 Apr 2024 08:36:16 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Date: Sat, 20 Apr 2024 00:37:44 GMT
                                                                                                                                                                                                                                                                                                                                  Vary: Origin,Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 6aaf927e424e83f0c17de5d680c855c0.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX50-C3
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: XJ7teOYpmqePOqDEzGxCPzM4YGFZhhn6TrjYYYUecMTLBbRPWsalVg==
                                                                                                                                                                                                                                                                                                                                  Age: 341526
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC1504INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 61 28 65 2c 68 29 7b 66 6f 72 28 76 61 72 20 63 3d 6e 75 6c 6c 2c 66 3d 68 2e 73 70 6c 69 74 28 22 26 22 29 2c 64 3d 30 3b 64 3c 66 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 7b 76 61 72 20 62 3d 66 5b 64 5d 2e 73 70 6c 69 74 28 22 3d 22 29 3b 69 66 28 62 5b 30 5d 3d 3d 3d 65 29 72 65 74 75 72 6e 20 62 5b 31 5d 3b 22 52 65 74 75 72 6e 55 72 6c 22 3d 3d 3d 62 5b 30 5d 26 26 28 63 3d 62 5b 31 5d 29 7d 69 66 28 63 29 7b 76 61 72 20 67 3d 75 6e 65 73 63 61 70 65 28 63 29 2e 73 70 6c 69 74 28 22 3f 22 29 3b 69 66 28 67 2e 6c 65 6e 67 74 68 3e 31 29 72 65 74 75 72 6e 20 61 28 65 2c 67 5b 31 5d 29 7d 7d 76 61 72 20 6a 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76
                                                                                                                                                                                                                                                                                                                                  Data Ascii: !function(){"use strict";function a(e,h){for(var c=null,f=h.split("&"),d=0;d<f.length;d++){var b=f[d].split("=");if(b[0]===e)return b[1];"ReturnUrl"===b[0]&&(c=b[1])}if(c){var g=unescape(c).split("?");if(g.length>1)return a(e,g[1])}}var j=function(){for(v


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  43192.168.2.749771142.250.141.1064437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC802OUTGET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111455-1&cid=925834404.1713914987&jid=1541579741&_u=aGBAiEABBAAAAGAFKC~&z=803182535 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.google.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC539INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:51 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  44192.168.2.749769142.250.141.1064437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC801OUTGET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111455-74&cid=925834404.1713914987&jid=629508174&_u=aGDAiEABBAAAAGAFKC~&z=33840365 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.google.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC539INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:51 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  45192.168.2.749770142.250.141.1064437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC854OUTPOST /pagead/landing?gcs=G111&gcd=13v3v3v3v5&rnd=71549082.1713914988&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&dma=0&npa=0&gtm=45je44m0v9167661709z8536291za200&auid=571138784.1713914988 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.google.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC857INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:51 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Content-Security-Policy: script-src 'none'; object-src 'none'
                                                                                                                                                                                                                                                                                                                                  Location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v3v5&rnd=71549082.1713914988&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&dma=0&npa=0&gtm=45je44m0v9167661709z8536291za200&auid=571138784.1713914988
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  46192.168.2.749772143.244.50.824437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC532OUTGET /ki.js/24100/4Nr.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: cl.qualaroo.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC1121INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:51 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/ecmascript
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Server: BunnyCDN-LA1-953
                                                                                                                                                                                                                                                                                                                                  CDN-PullZone: 92714
                                                                                                                                                                                                                                                                                                                                  CDN-Uid: 50c043fb-dcd1-4574-9faf-b60384f66f78
                                                                                                                                                                                                                                                                                                                                  CDN-RequestCountryCode: US
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
                                                                                                                                                                                                                                                                                                                                  Access-Control-Expose-Headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=3600
                                                                                                                                                                                                                                                                                                                                  ETag: W/"503e65ae03612461897d53b66be6c499"
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Wed, 10 Apr 2024 11:45:59 GMT
                                                                                                                                                                                                                                                                                                                                  x-amz-id-2: V/mGzPEQW0xqGtvVBoRyFhYB+zcqlg4YEC5mBy4AM5Nwy1+F3a91gMupO8lPCN6O1mNzrKGdLXM=
                                                                                                                                                                                                                                                                                                                                  x-amz-request-id: PW5GG7SBSWSWWNYZ
                                                                                                                                                                                                                                                                                                                                  x-amz-server-side-encryption: AES256
                                                                                                                                                                                                                                                                                                                                  CDN-ProxyVer: 1.04
                                                                                                                                                                                                                                                                                                                                  CDN-RequestPullSuccess: True
                                                                                                                                                                                                                                                                                                                                  CDN-RequestPullCode: 200
                                                                                                                                                                                                                                                                                                                                  CDN-CachedAt: 04/10/2024 13:25:38
                                                                                                                                                                                                                                                                                                                                  CDN-EdgeStorageId: 907
                                                                                                                                                                                                                                                                                                                                  CDN-Status: 200
                                                                                                                                                                                                                                                                                                                                  CDN-RequestId: 6c4d6528ddb4619593e11013aa3415a1
                                                                                                                                                                                                                                                                                                                                  CDN-Cache: REVALIDATED
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC16384INData Raw: 38 33 64 33 0d 0a 2f 2f 20 51 75 61 6c 61 72 6f 6f 20 66 6f 72 20 74 65 6c 65 72 69 6b 2e 63 6f 6d 0a 2f 2f 20 28 43 29 20 32 30 32 34 20 51 75 61 6c 61 72 6f 6f 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0a 2f 2f 20 71 75 61 6c 61 72 6f 6f 2e 63 6f 6d 0a 0a 2f 2f 24 20 73 69 74 65 3a 20 31 39 35 34 37 2c 20 67 65 6e 65 72 61 74 65 64 3a 20 32 30 32 34 2d 30 34 2d 31 30 20 31 31 3a 34 35 3a 35 38 20 55 54 43 0a 2f 2f 24 20 63 6c 69 65 6e 74 3a 20 32 2e 30 2e 37 30 0a 0a 69 66 28 74 79 70 65 6f 66 20 4b 49 20 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 7b 4b 49 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 5f 2c 65 2c 69 2c 74 2c 73 2c 6f 2c 6e 2c 72 2c 6c 2c 61 2c 64 2c 63 2c 70 2c 75 2c 6d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 83d3// Qualaroo for telerik.com// (C) 2024 Qualaroo. All rights reserved.// qualaroo.com//$ site: 19547, generated: 2024-04-10 11:45:58 UTC//$ client: 2.0.70if(typeof KI == 'undefined'){KI=function(){"use strict";var _,e,i,t,s,o,n,r,l,a,d,c,p,u,m
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC16384INData Raw: 5f 63 68 65 63 6b 62 6f 78 22 20 6e 61 6d 65 3d 22 71 75 61 6c 5f 61 6e 73 77 65 72 22 20 2f 3e 25 21 25 67 76 25 21 25 25 21 25 6f 30 25 21 25 3c 2f 6c 61 62 65 6c 3e 27 2c 6b 31 3a 27 3c 74 65 78 74 61 72 65 61 20 69 64 3d 22 71 75 61 6c 5f 61 6e 73 77 65 72 22 20 20 6e 6f 64 65 69 64 3d 25 21 25 76 61 6c 25 21 25 20 63 6c 61 73 73 3d 22 71 75 61 6c 5f 6f 6c 5f 61 6e 73 5f 74 65 78 74 25 21 25 74 6d 25 21 25 22 25 21 25 74 35 25 21 25 3e 25 21 25 71 31 25 21 25 3c 2f 74 65 78 74 61 72 65 61 3e 27 2c 6c 31 3a 27 3c 69 6e 70 75 74 20 69 64 3d 22 71 75 61 6c 5f 61 6e 73 77 65 72 22 20 20 6e 6f 64 65 69 64 3d 25 21 25 76 61 6c 25 21 25 20 63 6c 61 73 73 3d 22 71 75 61 6c 5f 6f 6c 5f 61 6e 73 5f 74 65 78 74 5f 73 69 6e 67 6c 65 25 21 25 74 6d 25 21 25 22 20
                                                                                                                                                                                                                                                                                                                                  Data Ascii: _checkbox" name="qual_answer" />%!%gv%!%%!%o0%!%</label>',k1:'<textarea id="qual_answer" nodeid=%!%val%!% class="qual_ol_ans_text%!%tm%!%"%!%t5%!%>%!%q1%!%</textarea>',l1:'<input id="qual_answer" nodeid=%!%val%!% class="qual_ol_ans_text_single%!%tm%!%"
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC987INData Raw: 65 73 74 69 6f 6e 3a 64 2e 6c 39 2c 61 6e 73 77 65 72 3a 64 2e 66 36 2c 63 61 6e 6f 6e 69 63 61 6c 5f 6e 61 6d 65 3a 64 2e 72 39 7d 29 3b 62 72 65 61 6b 3b 63 61 73 65 22 6b 31 22 3a 63 61 73 65 22 6c 31 22 3a 64 3d 6e 5b 30 5d 2c 6f 5b 5a 74 2e 67 71 5d 28 7b 71 75 65 73 74 69 6f 6e 3a 65 2e 71 39 2c 61 6e 73 77 65 72 3a 64 2e 66 36 2c 63 61 6e 6f 6e 69 63 61 6c 5f 6e 61 6d 65 3a 65 2e 72 35 7d 29 3b 62 72 65 61 6b 3b 64 65 66 61 75 6c 74 3a 64 3d 6e 5b 30 5d 2c 6f 5b 5a 74 2e 67 71 5d 28 7b 71 75 65 73 74 69 6f 6e 3a 65 2e 71 39 2c 61 6e 73 77 65 72 3a 64 2e 6c 39 2c 63 61 6e 6f 6e 69 63 61 6c 5f 6e 61 6d 65 3a 65 2e 72 35 7d 29 7d 72 65 74 75 72 6e 20 74 68 69 73 2e 6f 66 28 6f 2c 69 2c 73 2c 74 29 7d 7d 7d 2c 44 65 3d 7b 67 30 30 3a 66 75 6e 63 74 69
                                                                                                                                                                                                                                                                                                                                  Data Ascii: estion:d.l9,answer:d.f6,canonical_name:d.r9});break;case"k1":case"l1":d=n[0],o[Zt.gq]({question:e.q9,answer:d.f6,canonical_name:e.r5});break;default:d=n[0],o[Zt.gq]({question:e.q9,answer:d.l9,canonical_name:e.r5})}return this.of(o,i,s,t)}}},De={g00:functi
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC16384INData Raw: 61 63 37 31 0d 0a 69 64 65 6e 74 69 74 79 22 2c 6d 61 78 69 6d 69 7a 65 53 75 72 76 65 79 3a 22 6d 61 78 69 6d 69 7a 65 4e 75 64 67 65 22 2c 6d 69 6e 69 6d 69 7a 65 53 75 72 76 65 79 3a 22 6d 69 6e 69 6d 69 7a 65 4e 75 64 67 65 22 2c 73 65 6c 65 63 74 53 75 72 76 65 79 3a 22 73 65 6c 65 63 74 4e 75 64 67 65 22 2c 73 68 6f 77 53 75 72 76 65 79 3a 22 73 68 6f 77 4e 75 64 67 65 22 2c 73 74 6f 70 53 75 72 76 65 79 3a 22 73 74 6f 70 4e 75 64 67 65 22 2c 73 65 74 4c 6f 63 61 74 69 6f 6e 3a 22 73 65 74 4c 6f 63 61 74 69 6f 6e 22 7d 3b 66 6f 72 28 74 20 69 6e 20 5f 3d 7b 73 65 74 4c 6f 67 4c 65 76 65 6c 3a 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 69 2e 67 72 36 28 5f 29 7d 2c 63 6c 65 61 72 45 76 65 6e 74 48 61 6e 64 6c 65 72 3a 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ac71identity",maximizeSurvey:"maximizeNudge",minimizeSurvey:"minimizeNudge",selectSurvey:"selectNudge",showSurvey:"showNudge",stopSurvey:"stopNudge",setLocation:"setLocation"};for(t in _={setLogLevel:function(_){i.gr6(_)},clearEventHandler:function(_){r
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC16384INData Raw: 38 3d 66 28 29 2c 56 69 2e 6e 68 3d 75 2c 56 69 2e 73 67 3d 68 28 29 2c 74 3d 61 5b 75 5d 2c 73 3d 30 3b 73 3c 63 3b 73 2b 2b 29 6e 3d 64 5b 73 5d 2c 56 69 5b 6e 5d 3d 21 21 74 5b 73 5d 3b 72 65 74 75 72 6e 20 42 65 2e 67 71 5f 28 6c 2e 67 31 6f 7c 7c 52 69 2c 6c 2e 67 67 61 7c 7c 5a 74 2e 78 64 29 2c 58 65 28 22 78 39 22 29 26 26 65 5f 2e 63 31 28 29 2c 5f 5f 2e 61 35 28 29 2c 70 2e 73 6f 6d 65 28 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 72 3d 6d 28 5f 2c 5b 22 6e 6b 22 2c 22 76 33 22 2c 22 75 67 22 5d 29 3b 76 61 72 20 65 3d 6d 28 5f 2c 5b 22 6e 6b 22 2c 22 67 62 72 22 5d 29 3b 69 66 28 72 26 26 72 2e 6c 65 6e 67 74 68 7c 7c 65 26 26 65 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 21 30 7d 29 29 26 26 28 56 69 2e 6c 68 3d 22 78 78 78 78 22 2c 52 65 28 22 62
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 8=f(),Vi.nh=u,Vi.sg=h(),t=a[u],s=0;s<c;s++)n=d[s],Vi[n]=!!t[s];return Be.gq_(l.g1o||Ri,l.gga||Zt.xd),Xe("x9")&&e_.c1(),__.a5(),p.some((function(_){r=m(_,["nk","v3","ug"]);var e=m(_,["nk","gbr"]);if(r&&r.length||e&&e.length)return!0}))&&(Vi.lh="xxxx",Re("b
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC16384INData Raw: 20 52 65 28 22 78 31 22 2c 7b 66 75 3a 22 67 63 65 22 2c 6b 62 3a 70 2c 6b 72 3a 74 7d 2c 75 2c 73 74 29 2c 49 74 7d 2c 62 69 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 5f 3d 56 69 2e 66 70 3b 72 65 74 75 72 6e 20 56 69 2e 77 79 26 26 24 69 28 56 69 2e 77 79 29 2c 63 69 28 29 2c 6e 69 28 29 2c 56 69 2e 6e 6a 3d 5b 5d 2c 56 69 2e 77 63 3d 41 74 2c 56 69 2e 77 79 3d 57 69 2c 56 69 2e 71 7a 3d 41 74 2c 56 69 2e 71 75 3d 73 74 2c 56 69 2e 6e 39 3d 73 74 2c 56 69 2e 66 70 3d 57 69 2c 56 69 2e 6e 72 3d 57 69 2c 56 69 2e 6b 7a 3d 73 74 2c 56 69 2e 72 6b 3d 73 74 2c 56 69 2e 78 61 3d 30 2c 56 69 2e 70 31 3d 30 2c 52 65 28 22 61 64 22 2c 5f 29 2c 5f 7d 2c 77 69 3d 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 65 3d 56 69 2e 66 70 2c 69 3d 6d 28 56 69 2c 5b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: Re("x1",{fu:"gce",kb:p,kr:t},u,st),It},bi=function(){var _=Vi.fp;return Vi.wy&&$i(Vi.wy),ci(),ni(),Vi.nj=[],Vi.wc=At,Vi.wy=Wi,Vi.qz=At,Vi.qu=st,Vi.n9=st,Vi.fp=Wi,Vi.nr=Wi,Vi.kz=st,Vi.rk=st,Vi.xa=0,Vi.p1=0,Re("ad",_),_},wi=function(_){var e=Vi.fp,i=m(Vi,[
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC16384INData Raw: 23 71 75 61 6c 5f 6f 6c 20 66 6f 72 6d 2e 71 75 61 6c 5f 6f 6c 5f 61 6e 73 5f 62 6f 78 22 3a 7b 67 38 3a 4b 74 2e 63 75 2c 67 70 3a 22 30 70 78 20 31 2e 35 65 6d 20 31 35 70 78 22 7d 2c 22 64 69 76 23 71 75 61 6c 5f 6f 6c 20 2e 71 75 61 6c 5f 6f 6c 5f 62 74 6e 5f 64 6f 74 22 3a 7b 67 34 3a 4b 74 2e 66 6d 7d 2c 22 64 69 76 23 71 75 61 6c 5f 6f 6c 20 2e 71 75 61 6c 5f 6f 6c 5f 6c 6f 67 6f 22 3a 7b 79 37 3a 22 63 65 6e 74 65 72 22 2c 6b 36 3a 22 30 70 78 20 31 2e 37 65 6d 20 31 2e 32 65 6d 20 31 2e 35 65 6d 22 2c 73 70 3a 22 63 6f 6e 74 61 69 6e 22 2c 71 6a 3a 22 6e 6f 2d 72 65 70 65 61 74 22 2c 67 38 3a 22 61 75 74 6f 22 7d 2c 22 64 69 76 23 71 75 61 6c 5f 6f 6c 20 2e 71 75 61 6c 5f 6f 6c 5f 71 64 65 73 63 72 22 3a 7b 66 68 3a 4b 74 2e 6b 35 2c 66 6c 3a 4b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: #qual_ol form.qual_ol_ans_box":{g8:Kt.cu,gp:"0px 1.5em 15px"},"div#qual_ol .qual_ol_btn_dot":{g4:Kt.fm},"div#qual_ol .qual_ol_logo":{y7:"center",k6:"0px 1.7em 1.2em 1.5em",sp:"contain",qj:"no-repeat",g8:"auto"},"div#qual_ol .qual_ol_qdescr":{fh:Kt.k5,fl:K
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC16384INData Raw: 6c 5f 61 6e 73 5f 73 68 6f 72 74 5f 65 78 70 6c 61 69 6e 2c 64 69 76 23 71 75 61 6c 5f 6f 6c 20 2e 71 75 61 6c 5f 78 5f 73 65 6c 65 63 74 20 2e 71 75 61 6c 5f 6f 6c 5f 61 6e 73 5f 6c 6f 6e 67 5f 65 78 70 6c 61 69 6e 22 3a 7b 67 34 3a 4b 74 2e 68 64 7d 2c 22 64 69 76 23 71 75 61 6c 5f 74 61 67 6c 69 6e 65 2e 71 75 61 6c 5f 74 61 67 6c 69 6e 65 22 3a 7b 67 33 3a 4b 74 2e 77 75 2c 6c 70 3a 4b 74 2e 67 6b 2c 66 33 3a 4b 74 2e 75 33 2c 66 6b 3a 4b 74 2e 6b 78 2c 67 70 3a 22 30 70 78 22 2c 67 34 3a 22 66 6c 65 78 22 2c 6c 67 3a 22 63 65 6e 74 65 72 22 2c 66 68 3a 22 63 65 6e 74 65 72 22 2c 6c 70 3a 22 6e 6f 6e 65 22 2c 67 38 3a 22 31 30 30 25 22 2c 74 39 3a 22 6d 69 64 64 6c 65 22 7d 2c 22 61 23 71 75 61 6c 5f 70 6f 77 65 72 62 79 3a 68 6f 76 65 72 22 3a 7b 66
                                                                                                                                                                                                                                                                                                                                  Data Ascii: l_ans_short_explain,div#qual_ol .qual_x_select .qual_ol_ans_long_explain":{g4:Kt.hd},"div#qual_tagline.qual_tagline":{g3:Kt.wu,lp:Kt.gk,f3:Kt.u3,fk:Kt.kx,gp:"0px",g4:"flex",lg:"center",fh:"center",lp:"none",g8:"100%",t9:"middle"},"a#qual_powerby:hover":{f
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC16384INData Raw: 3a 7b 67 33 3a 72 74 7d 2c 22 64 69 76 23 71 75 61 6c 5f 6f 6c 20 2e 71 75 61 6c 5f 6f 6c 5f 71 6c 61 62 65 6c 22 3a 7b 67 33 3a 72 74 7d 7d 2c 67 63 38 3a 7b 22 64 69 76 23 71 75 61 6c 5f 6d 61 73 6b 2e 71 75 61 6c 5f 6d 61 73 6b 22 3a 7b 67 33 3a 6e 74 7d 2c 22 64 69 76 23 71 75 61 6c 5f 73 63 72 6e 72 2e 71 75 61 6c 5f 73 63 72 6e 72 22 3a 7b 67 33 3a 6e 74 7d 2c 22 64 69 76 23 71 75 61 6c 5f 6f 6c 2e 71 75 61 6c 5f 6f 6c 22 3a 7b 67 33 3a 6e 74 7d 2c 22 64 69 76 23 71 75 61 6c 5f 6f 6c 20 2e 71 75 61 6c 5f 6f 6c 5f 61 6e 73 5f 69 74 65 6d 22 3a 7b 67 33 3a 6e 74 7d 2c 22 64 69 76 23 71 75 61 6c 5f 6f 6c 20 2e 71 75 61 6c 5f 6f 6c 5f 71 74 69 74 6c 65 22 3a 7b 67 33 3a 72 74 7d 2c 22 64 69 76 23 71 75 61 6c 5f 6f 6c 20 2e 71 75 61 6c 5f 6f 6c 5f 6d 75
                                                                                                                                                                                                                                                                                                                                  Data Ascii: :{g3:rt},"div#qual_ol .qual_ol_qlabel":{g3:rt}},gc8:{"div#qual_mask.qual_mask":{g3:nt},"div#qual_scrnr.qual_scrnr":{g3:nt},"div#qual_ol.qual_ol":{g3:nt},"div#qual_ol .qual_ol_ans_item":{g3:nt},"div#qual_ol .qual_ol_qtitle":{g3:rt},"div#qual_ol .qual_ol_mu
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC16384INData Raw: 67 3d 4f 28 55 2c 50 2e 6f 75 7c 7c 74 2e 6f 75 2c 58 29 2c 76 5b 5a 74 2e 67 71 5d 28 63 28 7b 67 37 3a 5f 73 2e 6b 32 5b 7a 5d 2c 67 35 3a 7b 76 61 6c 3a 55 2c 5f 75 3a 67 7d 7d 29 29 7d 62 72 65 61 6b 3b 63 61 73 65 22 68 37 22 3a 69 66 28 58 3d 5b 5d 2c 57 3d 5b 5d 2c 50 2e 66 67 29 7b 66 6f 72 28 6c 3d 28 72 3d 50 2e 66 67 29 5b 5a 74 2e 67 39 5d 2c 4c 3d 30 3b 4c 3c 32 3b 4c 2b 2b 29 6e 3d 72 5b 4c 5d 2c 58 5b 5a 74 2e 67 71 5d 28 6e 2e 67 76 29 2c 57 5b 5a 74 2e 67 71 5d 28 4c 2e 74 6f 53 74 72 69 6e 67 28 29 29 3b 66 3d 54 28 55 2c 58 29 2c 76 5b 5a 74 2e 67 71 5d 28 63 28 7b 67 37 3a 5f 73 2e 6b 32 5b 7a 5d 2c 67 35 3a 7b 76 61 6c 3a 55 2c 77 38 3a 66 7d 7d 29 29 7d 62 72 65 61 6b 3b 63 61 73 65 22 68 68 22 3a 50 2e 66 67 26 26 76 5b 5a 74 2e 67
                                                                                                                                                                                                                                                                                                                                  Data Ascii: g=O(U,P.ou||t.ou,X),v[Zt.gq](c({g7:_s.k2[z],g5:{val:U,_u:g}}))}break;case"h7":if(X=[],W=[],P.fg){for(l=(r=P.fg)[Zt.g9],L=0;L<2;L++)n=r[L],X[Zt.gq](n.gv),W[Zt.gq](L.toString());f=T(U,X),v[Zt.gq](c({g7:_s.k2[z],g5:{val:U,w8:f}}))}break;case"hh":P.fg&&v[Zt.g


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  47192.168.2.74977623.1.102.27443
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                                                  If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                                                                  Range: bytes=0-2147483646
                                                                                                                                                                                                                                                                                                                                  User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                                                                                                                  Host: fs.microsoft.com
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC530INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                                                                  ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                                                                                                                  ApiVersion: Distribute 1.1
                                                                                                                                                                                                                                                                                                                                  Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                                                                                                                  X-Azure-Ref: 0Fz4RYwAAAACZW8dCTzveR7lI76J6Z2l5U0pDRURHRTA1MTgAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=27201
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:51 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 55
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  X-CID: 2
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:51 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  48192.168.2.74977452.252.156.534437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC638OUTOPTIONS /collect/v2/data-centers/76766c2b-82f4-2453-81e5-fd840f3b455b/datasources/TelerikCom/interactions HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: api.insight.sitefinity.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Access-Control-Request-Method: POST
                                                                                                                                                                                                                                                                                                                                  Access-Control-Request-Headers: content-type,x-dataintelligence-sdk-version
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC1396INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:52 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, Authorization, x-dataintelligence-accountkey, x-dataintelligence-datacenterkey, x-dataintelligence-datasource, x-dataintelligence-sort, x-dataintelligence-skip, x-dataintelligence-take, x-dataintelligence-fields, x-dataintelligence-count, x-dataintelligence-filterby, x-dataintelligence-filter, x-dataintelligence-contains, x-dataintelligence-nextrowkey, x-dataintelligence-flush, x-dataintelligence-fromdate, x-dataintelligence-todate, x-dataintelligence-period, x-dataintelligence-scale, x-dataintelligence-predicate, x-dataintelligence-subject, x-dataintelligence-ids, x-dataintelligence-datasources, x-dataintelligence-imagecrop, x-dataintelligence-contacts, x-forwarded-for, x-dataintelligence-sdk-version, Referer, Origin, x-dataintelligence-clientid, x-dataintelligence-campaignids, x-dataintelligence-userid, x-dataintelligence-errorid, x-dataintelligence-correlationid, cf-connecting-ip, x-forwarded-for, http_x_forwarded_for, x-forwarded, x-cluster-client-ip, forwarded-for, forwarded, remote_addr, client-ip
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  request-context: appId=cid-v1:a33f2e3a-ec15-4d53-8ac6-897af884626b
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  49192.168.2.749777142.251.2.1564437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC833OUTPOST /g/collect?v=2&tid=G-9JSNBCSF54&cid=925834404.1713914987&gtm=45je44m0v9167661709z8536291za200&aip=1&dma=0&gcs=G111&gcd=13v3v3v3v5&npa=0 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: stats.g.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: test_cookie=CheckForPermission
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC449INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:52 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Server: Golfe2
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  50192.168.2.7497733.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC6692OUTGET /ct?id=37678&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&sf=0&tpi=&ch=Telerik&uvid=&tsf=0&tsfmi=&tsfu=&cb=1713914987738&hl=1&op=0&ag=300509663&rand=949911591996670929250675522207660181220029557281702027707682202129158111898882021890&fs=1034x870&fst=1034x870&np=win32&nv=google%20inc.&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDEyMTddLFsiYm5jaCIsNV0sWyJhYm5jaCIsNV0sWy0xNSwiLSJdLFstMzQsIi0iXSxbLTUyLCItIl0sWy0yNywiWzQwMCwxLjUsMCxcIjNnXCIsbnVsbF0iXSxbLTEyLCJudWxsIl0sWy0yMSwiLSJdLFstMTgsIlswLDAsMCwxXSJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiZ29vZ2xlIGluYy4gKGdvb2dsZSlcIixcInJcIjpcImFuZ2xlIChnb29nbGUsIHZ1bGthbiAxLjMuMCAoc3dpZnRzaGFkZXIgZGV2aWNlIChzdWJ6ZXJvKSAoMHgwMDAwYzBkZSkpLCBzd2lmdHNoYWRlciBkcml2ZXIpXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjE0LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MzY5ODUxODcxMCxcInNlY1wiOlwiXCJ9Il0sWy00MiwiMTcyNDI5NzY1MyJdLFstMzUsIlsxNzEzOTE0OTg3NDE2LC0yXSJdLFstMjgsImVuLVVTLGVuIl0sWy0xMywiLSJdLFstMjUsIi0iXSxbLTY2LCJnZW9sb2NhdGlvbixzdG9yYWdlYWNjZXNzLGdhbWVwYWQsY2hlY3QsbWlkaSxkaXNwbGF5Y2FwdHVyZSx1c2IsYnJvd3Npbmd0b3BpY3MsbG9jYWxmb250cyxwaWN0dXJlaW5waWN0dXJlLGpvaW5hZGludGVyZXN0Z3JvdXAscHVibGlja2V5Y3JlZGVudGlhbHNnZXQsb3RwY3JlZGVudGlhbHMsY2h1YWZvcm1mYWN0b3IsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxzaGFyZWRzdG9yYWdlLGNoZG93bmxpbmssY2hwcmVmZXJzY29sb3JzY2hlbWUsc3luY3hocixjaHVhbW9kZWwsc2VyaWFsLGNhbWVyYSxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsYmx1ZXRvb3RoLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsdW5sb2FkLGtleWJvYXJkbWFwLGNodWFwbGF0Zm9ybSxzaGFyZWRzdG9yYWdlc2VsZWN0dXJsLGd5cm9zY29wZSxpbnRlcmVzdGNvaG9ydCx3aW5kb3dwbGFjZW1lbnQsY2h1YW1vYmlsZSxjaHVhLHJ1bmFkYXVjdGlvbixtYWduZXRvbWV0ZXIsYWNjZWxlcm9tZXRlcixwcml2YXRlc3RhdGV0b2tlbnJlZGVtcHRpb24sY2h1YWFyY2gseHJzcGF0aWFsdHJhY2tpbmcsaWRsZWRldGVjdGlvbixjaHVhcGxhdGZvcm12ZXJzaW9uLGNod2lkdGgsY2xpcGJvYXJkcmVhZCxjaHZpZXdwb3J0d2lkdGgscGF5bWVudCxjaHZpZXdwb3J0aGVpZ2h0LGNocnR0LGF1dG9wbGF5LGNyb3Nzb3JpZ2luaXNvbGF0ZWQsaGlkLGNodWFiaXRuZXNzLHNjcmVlbndha2Vsb2NrLHByaXZhdGVhZ2dyZWdhdGlvbixjbGlwYm9hcmR3cml0ZSxhdHRyaWJ1dGlvbnJlcG9ydGluZyxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy0yMywiKyJdLFstNTAsIi0iXSxbLTQ3LCJFdXJvcGUvWnVyaWNoLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstMjksIi0iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTYsIi0iXSxbLTEwLCItIl0sWy0yNiwie1widGpoc1wiOjE0MzQ3NTY3LFwidWpoc1wiOjEwNTQ3NDIzLFwiamhzbFwiOjIxNzI2NDk0NzJ9Il0sWy0zNywiLTEwOS02Ni03MC0iXSxbLTksIisiXSxbLTIwLCI5MjU4MzQ0MDQuMTcxMzkxNDk4NyJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDksIi0iXSxbLTYwLCItIl0sWy0zMiwiLSJdLFstNDUsIi0iXSxbLTYxLCJ7XCJ3Z3NsXCI6XCIwO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy01MSwiLSJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy00NiwiMCJdLFstNTUsIjEiXSxbLTU3LCJXRTBaZUV0TFdFQVhUMXdaRVZGTlRVbEtBeFlXWEV4V1d4ZEFUVTVXVVZWYVNCZE5YRlZjUzFCU0YxcFdWQlpLUVVrV1VCWUFEUWtKRFE0QURRc0pEUTVmQUY4SkRRRmRDMW9JWEFoZkQxc09BUTBBQ3hkVFNnTUlBdzhPQ3dnSUVBPT0iXSxbLTMzLCItIl0sWy00NCwiMCwwLDAsNSJdLFstNTQsIntcImhcIjpbXCJfMFwiLFwiNDI4ODMxMjQ1N1wiLFwiXzNcIixcIjI4NzI4OTkzMjBcIl0sXCJkXCI6W10sXCJiXCI6W1wiXzBcIixcIjM5MDgxNzk3MTdcIixcIl8xXCIsXCIzOTA4MTc5NzE3XCJdLFwic1wiOjF9Il0sWy0yLCI4LGQ0SE9YVlBYN2ZOak5iMUt1N2NXOWdURzgydlFWSTZBbTlneUZBQWlIa1R5REJmTW1YWGlpcGhFRG94Y2IwRmpDWTBBM0dOdURlSkZkWlhkb3k1VzMvNTg1cXBiVXc1Y3RQZnYiXSxbLTYzLCItIl0sWy00MCwiMzMiXSxbLTU5LCJkZWZhdWx0Il0sWy00MSwiLSJdLFstNjQsIlswLFwiV2luZG93c1wiLFt7XCJiXCI6XCJHb29nbGUgQ2hyb21lXCIsXCJ2XCI6XCIxMTdcIn0se1wiYlwiOlwiTm90O0E9QnJhbmRcIixcInZcIjpcIjhcIn0se1wiYlwiOlwiQ2hyb21pdW1cIixcInZcIjpcIjExN1wifV1dIl0sWy0xOSwiWzEwLDEwLDEwLDEwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsOTg0LDEyODAsMTAyNCwxMDUwLDk2NCwxMDM0LDg3MCwwLDAsMCwwLFwiLVwiLFwiLVwiLDEwMTcsODcwXSJdLFstMjQsIltdIl0sWy0xNiwiMCJdLFstNDgsIjAsMCJdLFstNjUsIi0iXSxbLTUzLCIxMDAiXSxbLTUsIi0iXSxbLTcsIi0iXSxbLTEsIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstMzgsImksLTEsLTEsNTk5MSwwLDI1LDAsMTU1LDkzOCwxMTA4LC0xLDAsMTI0NDYuOCwxMjQ0Ni44LDI3MTQ5LDI3MTUwIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTEwMTExMDExMDExMDExMDEwMDAwMDEiXSxbLTU4LCItIl0sWy04LCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wib2c6dGl0bGVcIixcInR3aXR0ZXI6dGl0bGVcIl19Il0sWy0xNCwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTQsIi0iXSxbLTE3LCI0Il0sWy02NywiMjUzMjMxMjg4ODo5OSJdLFstMzEsImZhbHNlIl0sWy02MiwiODAiXSxbLTY4LCItIl0sWyJkZGIiLCIwLDgsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMSwxLDAsMCwwLDAsMSwxLDIsMCwwLDQ1LDAsMCwxLDAsMCwwLDEsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsOTksMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMSw1LDAsMSwxNSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMSwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDksMCwxLDEsMCwwLDAsMCw1LDAiXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=aUHD7PzVvl&pto=27367&ver=59&gac=925834404.1713914987&mei=&ap=&fe=1&duid=1.1713914987.ttMfVwhY9k56diVz&suid=1.1713914987.pGYyDePOB7d0lADU&tuid=1.1713914987.PKATXFFqPmhD391g&fbc=-&gtm=WyJwZXJzaXN0dXVpZCIsInRheF9sb2FkZWQiLCJlbHFRX2xvYWRlZCIsIk9uZVRydXN0TG9hZGVkIiwiT3B0YW5vbkxvYWRlZCIsIk9uZVRydXN0R3JvdXBzVXBkYXRlZCJd&it=37%2C17134%2C9816&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=- HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A47+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=0&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run; _gcl_au=1.1.571138784.1713914988; _ga_9JSNBCSF54=GS1.1.1713914987.1.0.1713914987.60.0.0; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC396INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/javascript
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:52 GMT
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Set-Cookie: cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; Max-Age=29030400; Path=/; Expires=Tue, 25 Mar 2025 23:29:52 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC783INData Raw: 66 38 61 0d 0a 74 79 70 65 6f 66 20 5f 5f 63 74 63 67 5f 63 74 5f 33 37 36 37 38 5f 65 78 65 63 20 3d 3d 3d 20 27 66 75 6e 63 74 69 6f 6e 27 20 26 26 20 5f 5f 63 74 63 67 5f 63 74 5f 33 37 36 37 38 5f 65 78 65 63 28 7b 22 74 63 22 3a 22 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 65 34 65 38 33 39 66 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 35 30 65 66 38 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63 36
                                                                                                                                                                                                                                                                                                                                  Data Ascii: f8atypeof __ctcg_ct_37678_exec === 'function' && __ctcg_ct_37678_exec({"tc":"37dfbd8ee84e00126bedce34ee4e839f9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c6
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC2358INData Raw: 33 61 63 37 39 32 66 35 63 36 33 38 65 38 37 62 33 62 36 63 64 37 33 36 36 62 38 34 39 33 39 32 35 66 32 61 64 63 61 38 32 62 66 38 35 33 62 35 63 31 31 66 64 38 33 37 61 65 33 64 31 61 30 62 36 33 66 64 37 36 66 31 34 64 64 63 38 37 66 36 32 63 66 36 63 37 32 66 63 34 35 63 62 66 64 39 39 32 39 62 37 37 38 39 35 64 34 33 37 64 65 64 35 39 30 34 31 33 32 36 30 39 33 65 38 39 65 63 36 32 62 65 30 35 38 63 38 63 62 31 32 33 61 62 39 39 37 35 66 36 39 39 36 63 39 34 63 32 65 35 66 64 36 39 38 34 62 35 65 34 34 39 36 64 37 33 38 34 61 39 30 36 30 34 64 37 66 37 34 37 31 61 30 37 66 37 63 64 65 63 33 66 66 31 36 34 64 65 39 33 30 38 66 64 65 61 33 63 62 62 37 65 61 35 33 39 39 36 35 37 64 30 31 34 64 33 62 36 33 64 63 30 31 62 32 34 65 64 61 66 39 36 36 66 33
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 3ac792f5c638e87b3b6cd7366b8493925f2adca82bf853b5c11fd837ae3d1a0b63fd76f14ddc87f62cf6c72fc45cbfd9929b77895d437ded59041326093e89ec62be058c8cb123ab9975f6996c94c2e5fd6984b5e4496d7384a90604d7f7471a07f7cdec3ff164de9308fdea3cbb7ea5399657d014d3b63dc01b24edaf966f3
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC559INData Raw: 32 63 32 35 30 64 30 35 64 34 39 33 30 34 61 62 31 32 34 37 34 34 30 39 36 39 31 31 30 34 65 65 35 37 66 62 34 61 62 38 33 33 66 38 35 64 30 66 30 31 63 30 32 33 66 66 31 32 38 33 32 30 32 30 34 64 33 30 35 30 31 61 35 38 62 65 34 31 39 31 36 39 34 32 66 22 7d 2c 22 3c 73 63 72 69 70 74 3e 20 28 66 75 6e 63 74 69 6f 6e 28 77 2c 64 2c 74 2c 72 2c 75 29 20 7b 20 76 61 72 20 66 2c 6e 2c 69 3b 20 77 5b 75 5d 3d 77 5b 75 5d 7c 7c 5b 5d 2c 66 3d 66 75 6e 63 74 69 6f 6e 28 29 20 7b 20 76 61 72 20 6f 3d 7b 74 69 3a 5c 22 32 32 33 30 30 30 32 34 33 5c 22 7d 3b 20 6f 2e 71 3d 77 5b 75 5d 2c 77 5b 75 5d 3d 6e 65 77 20 55 45 54 28 6f 29 2c 77 5b 75 5d 2e 70 75 73 68 28 5c 22 70 61 67 65 4c 6f 61 64 5c 22 29 20 7d 2c 20 6e 3d 64 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 2c250d05d49304ab12474409691104ee57fb4ab833f85d0f01c023ff128320204d30501a58be41916942f"},"<script> (function(w,d,t,r,u) { var f,n,i; w[u]=w[u]||[],f=function() { var o={ti:\"223000243\"}; o.q=w[u],w[u]=new UET(o),w[u].push(\"pageLoad\") }, n=d.createElemen
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC290INData Raw: 72 69 70 74 3e 22 2c 7b 22 66 62 6b 22 3a 7b 22 61 75 64 22 3a 5b 7b 22 63 6c 69 65 6e 74 49 64 22 3a 22 31 34 34 34 30 39 33 32 35 32 35 30 32 32 32 36 22 2c 22 74 79 70 65 22 3a 22 66 61 63 65 62 6f 6f 6b 22 7d 5d 7d 2c 22 67 67 61 22 3a 7b 22 61 75 64 22 3a 5b 7b 22 69 64 22 3a 22 39 37 35 36 35 32 32 39 32 22 2c 22 6c 61 62 65 6c 22 3a 22 70 34 7a 78 43 4e 71 5f 38 49 6b 59 45 4d 53 4c 6e 64 45 44 22 7d 5d 7d 2c 22 70 78 67 22 3a 7b 22 74 49 64 73 22 3a 5b 22 41 57 2d 39 37 35 36 35 32 32 39 32 22 5d 2c 22 6d 22 3a 22 35 39 34 33 32 33 33 32 37 22 7d 2c 22 63 6d 63 73 22 3a 74 72 75 65 2c 22 67 61 63 22 3a 7b 22 74 22 3a 5b 22 47 2d 39 4a 53 4e 42 43 53 46 35 34 22 5d 2c 22 74 75 61 22 3a 5b 5d 2c 22 76 22 3a 31 2c 22 63 22 3a 22 67 32 51 67 6c 69 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ript>",{"fbk":{"aud":[{"clientId":"1444093252502226","type":"facebook"}]},"gga":{"aud":[{"id":"975652292","label":"p4zxCNq_8IkYEMSLndED"}]},"pxg":{"tIds":["AW-975652292"],"m":"594323327"},"cmcs":true,"gac":{"t":["G-9JSNBCSF54"],"tua":[],"v":1,"c":"g2Qglit


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  51192.168.2.749778192.29.11.1424437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC622OUTGET /visitor/v200/svrGP?pps=70&siteid=1325 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: s1325.t.eloqua.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: ELOQUA=GUID=A19FC9146C534783A26EBA38F50B2A88; ELQSTATUS=OK
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC446INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-store
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow
                                                                                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:51 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-Length: 79
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC79INData Raw: 66 75 6e 63 74 69 6f 6e 20 47 65 74 45 6c 71 43 75 73 74 6f 6d 65 72 47 55 49 44 28 29 7b 20 72 65 74 75 72 6e 20 27 61 31 39 66 63 39 31 34 2d 36 63 35 33 2d 34 37 38 33 2d 61 32 36 65 2d 62 61 33 38 66 35 30 62 32 61 38 38 27 3b 20 7d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: function GetElqCustomerGUID(){ return 'a19fc914-6c53-4783-a26e-ba38f50b2a88'; }


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  52192.168.2.74977552.252.156.534437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC748OUTPOST /collect/v2/data-centers/76766c2b-82f4-2453-81e5-fd840f3b455b/datasources/TelerikCom/interactions HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: api.insight.sitefinity.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 1889
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  x-dataintelligence-sdk-version: js-3.1.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC1889OUTData Raw: 5b 7b 22 53 22 3a 22 31 37 31 33 39 31 34 39 38 39 34 36 39 2d 30 39 31 37 37 33 66 33 2d 39 30 30 61 2d 34 35 64 32 2d 62 65 30 38 2d 61 31 64 35 62 34 35 64 66 65 34 32 22 2c 22 53 4d 22 3a 7b 22 55 73 65 72 41 67 65 6e 74 22 3a 22 4d 6f 7a 69 6c 6c 61 2f 35 2e 30 20 28 57 69 6e 64 6f 77 73 20 4e 54 20 31 30 2e 30 3b 20 57 69 6e 36 34 3b 20 78 36 34 29 20 41 70 70 6c 65 57 65 62 4b 69 74 2f 35 33 37 2e 33 36 20 28 4b 48 54 4d 4c 2c 20 6c 69 6b 65 20 47 65 63 6b 6f 29 20 43 68 72 6f 6d 65 2f 31 31 37 2e 30 2e 30 2e 30 20 53 61 66 61 72 69 2f 35 33 37 2e 33 36 22 2c 22 42 72 6f 77 73 65 72 20 6c 61 6e 67 75 61 67 65 22 3a 22 65 6e 2d 55 53 22 7d 2c 22 49 4d 22 3a 7b 22 49 6e 74 65 72 61 63 74 69 6f 6e 49 64 22 3a 22 38 38 32 35 30 33 33 37 2d 30 64 38 32
                                                                                                                                                                                                                                                                                                                                  Data Ascii: [{"S":"1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42","SM":{"UserAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36","Browser language":"en-US"},"IM":{"InteractionId":"88250337-0d82
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC1484INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:52 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Content-Length: 1
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, Authorization, x-dataintelligence-accountkey, x-dataintelligence-datacenterkey, x-dataintelligence-datasource, x-dataintelligence-sort, x-dataintelligence-skip, x-dataintelligence-take, x-dataintelligence-fields, x-dataintelligence-count, x-dataintelligence-filterby, x-dataintelligence-filter, x-dataintelligence-contains, x-dataintelligence-nextrowkey, x-dataintelligence-flush, x-dataintelligence-fromdate, x-dataintelligence-todate, x-dataintelligence-period, x-dataintelligence-scale, x-dataintelligence-predicate, x-dataintelligence-subject, x-dataintelligence-ids, x-dataintelligence-datasources, x-dataintelligence-imagecrop, x-dataintelligence-contacts, x-forwarded-for, x-dataintelligence-sdk-version, Referer, Origin, x-dataintelligence-clientid, x-dataintelligence-campaignids, x-dataintelligence-userid, x-dataintelligence-errorid, x-dataintelligence-correlationid, cf-connecting-ip, x-forwarded-for, http_x_forwarded_for, x-forwarded, x-cluster-client-ip, forwarded-for, forwarded, remote_addr, client-ip
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  ETag: W/"1-d95o2uzYI7q7tY7bHI4U1xBug7s"
                                                                                                                                                                                                                                                                                                                                  request-context: appId=cid-v1:a33f2e3a-ec15-4d53-8ac6-897af884626b
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC1INData Raw: 33
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 3


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  53192.168.2.74976452.165.165.26443
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=dswWbrh3M+huW3O&MD=8amD1xGW HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                                                                                                                  Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                                                                                                                                                                                                                                                  MS-CorrelationId: 55035886-c0f4-4f2b-a611-209a4c7ba6cb
                                                                                                                                                                                                                                                                                                                                  MS-RequestId: 3c5cd179-3f65-45da-ba01-9fba79c43fd4
                                                                                                                                                                                                                                                                                                                                  MS-CV: 6PgKbEjy6E6jE2KO.0
                                                                                                                                                                                                                                                                                                                                  X-Microsoft-SLSClientCache: 2880
                                                                                                                                                                                                                                                                                                                                  Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:52 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-Length: 24490
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                                                                                                                                                                                                                                                                  Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  54192.168.2.749781142.251.2.1554437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC854OUTGET /pagead/landing?gcs=G111&gcd=13v3v3v3v5&rnd=71549082.1713914988&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&dma=0&npa=0&gtm=45je44m0v9167661709z8536291za200&auid=571138784.1713914988 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: googleads.g.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: test_cookie=CheckForPermission
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC960INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:52 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Content-Security-Policy: script-src 'none'; object-src 'none'
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
                                                                                                                                                                                                                                                                                                                                  Set-Cookie: IDE=AHWqTUkXvDFHI1NoFCp3oWQeqwpIC69ypakV5TY7pgxsH6-vOws3xTZNZXQ0DgYE; expires=Thu, 23-Apr-2026 23:29:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:52 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  55192.168.2.74978374.125.137.1564437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:53 UTC1391OUTGET /td/rul/975652292?random=1713914991222&cv=11&fst=1713914991222&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: td.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: iframe
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: test_cookie=CheckForPermission
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:53 UTC954INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:53 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
                                                                                                                                                                                                                                                                                                                                  Set-Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN; expires=Thu, 23-Apr-2026 23:29:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: none
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:53 UTC301INData Raw: 31 31 66 34 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 6f 72 69 67 69 6e 2d 74 72 69 61 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 41 76 68 35 4e 79 30 58 45 46 43 79 51 37 2b 6f 4e 69 65 58 73 6b 55 72 71 59 38 65 64 55 7a 4c 35 2f 58 72 77 4b 6c 47 6a 41 52 51 48 57 34 54 46 52 4b 2b 6a 56 64 35 48 6e 44 49 70 59 32 30 6e 35 4f 4c 48 66 67 55 34 6b 75 37 78 34 38 4e 33 75 68 47 2f 41 30 41 41 41 42 78 65 79 4a 76 63 6d 6c 6e 61 57 34 69 4f 69 4a 6f 64 48 52 77 63 7a 6f 76 4c 32 52 76 64 57 4a 73 5a 57 4e 73 61 57 4e 72 4c 6d 35 6c 64 44 6f 30 4e 44 4d 69 4c 43 4a 6d 5a 57 46 30 64 58 4a 6c 49 6a 6f 69 55 48 4a 70 64 6d 46 6a 65 56 4e 68 62 6d 52 69 62 33 68 42 5a 48 4e 42 55 45 6c 7a 49 69 77 69 5a 58 68 77
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 11f4<html><head><meta http-equiv="origin-trial" content="Avh5Ny0XEFCyQ7+oNieXskUrqY8edUzL5/XrwKlGjARQHW4TFRK+jVd5HnDIpY20n5OLHfgU4ku7x48N3uhG/A0AAABxeyJvcmlnaW4iOiJodHRwczovL2RvdWJsZWNsaWNrLm5ldDo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhw
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:53 UTC1255INData Raw: 30 3d 22 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 73 63 72 69 70 74 3e 76 61 72 20 69 67 5f 6c 69 73 74 3d 7b 22 69 6e 74 65 72 65 73 74 47 72 6f 75 70 73 22 3a 5b 7b 22 61 63 74 69 6f 6e 22 3a 30 2c 22 65 78 70 69 72 61 74 69 6f 6e 54 69 6d 65 49 6e 53 65 63 6f 6e 64 73 22 3a 32 35 39 32 30 30 30 2c 22 69 6e 74 65 72 65 73 74 47 72 6f 75 70 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 6f 77 6e 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 22 2c 22 6e 61 6d 65 22 3a 22 31 6a 35 39 37 34 36 33 33 34 35 22 2c 22 62 69 64 64 69 6e 67 4c 6f 67 69 63 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 62 6a 73 22 2c 22 64 61 69 6c 79 55 70 64 61 74 65 55 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0="></head><body><script>var ig_list={"interestGroups":[{"action":0,"expirationTimeInSeconds":2592000,"interestGroupAttributes":{"owner":"https://td.doubleclick.net","name":"1j597463345","biddingLogicUrl":"https://td.doubleclick.net/td/bjs","dailyUpdateUr
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:53 UTC1255INData Raw: 32 36 66 6f 72 6d 61 74 3d 24 7b 41 44 5f 57 49 44 54 48 7d 78 24 7b 41 44 5f 48 45 49 47 48 54 7d 5c 75 30 30 32 36 72 64 73 3d 24 7b 52 45 4e 44 45 52 5f 44 41 54 41 7d 5c 75 30 30 32 36 73 65 61 74 3d 32 5c 75 30 30 32 36 72 70 5f 69 64 3d 31 6a 35 39 37 34 36 33 33 34 35 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 35 35 33 36 34 37 36 35 32 36 32 22 2c 22 36 39 36 33 38 34 36 34 34 37 39 33 22 2c 6e 75 6c 6c 2c 22 32 30 39 37 30 34 32 38 33 39 32 22 5d 2c 22 61 64 52 65 6e 64 65 72 49 64 22 3a 22 57 54 4a 47 71 54 62 72 4b 41 6b 22 7d 2c 7b 22 72 65 6e 64 65 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 35 33 32 34 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 26format=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DATA}\u0026seat=2\u0026rp_id=1j597463345","metadata":["155364765262","696384644793",null,"20970428392"],"adRenderId":"WTJGqTbrKAk"},{"renderUrl":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=153247
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:53 UTC1255INData Raw: 63 72 5f 69 64 3d 36 39 35 30 32 35 32 38 38 36 38 33 5c 75 30 30 32 36 63 76 5f 69 64 3d 30 5c 75 30 30 32 36 66 6f 72 6d 61 74 3d 24 7b 41 44 5f 57 49 44 54 48 7d 78 24 7b 41 44 5f 48 45 49 47 48 54 7d 5c 75 30 30 32 36 72 64 73 3d 24 7b 52 45 4e 44 45 52 5f 44 41 54 41 7d 5c 75 30 30 32 36 73 65 61 74 3d 32 5c 75 30 30 32 36 72 70 5f 69 64 3d 31 6a 34 35 32 38 30 36 38 38 36 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 35 38 37 32 34 34 34 30 38 30 36 22 2c 22 36 39 35 30 32 35 32 38 38 36 38 33 22 2c 6e 75 6c 6c 2c 22 32 30 35 37 36 30 31 34 34 36 35 22 5d 2c 22 61 64 52 65 6e 64 65 72 49 64 22 3a 22 6f 61 6a 31 33 72 43 4b 37 50 59 22 7d 2c 7b 22 72 65 6e 64 65 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69
                                                                                                                                                                                                                                                                                                                                  Data Ascii: cr_id=695025288683\u0026cv_id=0\u0026format=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DATA}\u0026seat=2\u0026rp_id=1j452806886","metadata":["158724440806","695025288683",null,"20576014465"],"adRenderId":"oaj13rCK7PY"},{"renderUrl":"https://tdsf.doublecli
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:53 UTC538INData Raw: 7a 61 74 69 6f 6e 22 3a 74 72 75 65 2c 22 74 72 75 73 74 65 64 42 69 64 64 69 6e 67 53 69 67 6e 61 6c 73 53 6c 6f 74 53 69 7a 65 4d 6f 64 65 22 3a 22 61 6c 6c 2d 73 6c 6f 74 73 2d 72 65 71 75 65 73 74 65 64 2d 73 69 7a 65 73 22 7d 7d 5d 7d 3b 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 66 6f 72 28 6c 65 74 20 69 20 6f 66 20 69 67 5f 6c 69 73 74 2e 69 6e 74 65 72 65 73 74 47 72 6f 75 70 73 29 7b 74 72 79 7b 69 66 28 69 2e 61 63 74 69 6f 6e 3d 3d 30 29 7b 6e 61 76 69 67 61 74 6f 72 2e 6a 6f 69 6e 41 64 49 6e 74 65 72 65 73 74 47 72 6f 75 70 28 69 2e 69 6e 74 65 72 65 73 74 47 72 6f 75 70 41 74 74 72 69 62 75 74 65 73 2c 69 2e 65 78 70 69 72 61 74 69 6f 6e 54 69 6d 65 49 6e 53 65 63 6f 6e 64 73 29 3b 7d 65 6c 73 65 20 69 66 28 69 2e 61 63 74 69 6f 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: zation":true,"trustedBiddingSignalsSlotSizeMode":"all-slots-requested-sizes"}}]};</script><script>for(let i of ig_list.interestGroups){try{if(i.action==0){navigator.joinAdInterestGroup(i.interestGroupAttributes,i.expirationTimeInSeconds);}else if(i.action
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:53 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  56192.168.2.7497843.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC1882OUTPOST /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 7072
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A49+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=0&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _cq_pxg=3|594323327|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.0.1713914991.56.0.0
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC7072OUTData Raw: 65 3d 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 65 34 65 38 33 39 66 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 31 30 63 65 36 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63 36 30 34 30 33 30 61 33 35 35 35 35 39 39 37 62 37 36 32 34 66 37 37 62 65 32 36 62 62 32 35 63 62 34 33 65 32 39 32 33 65 66 34 34 63 36 65 61 61 31 33 32 63 37 61 31 34 63 34 35 30 65 61 35 34 65 32 38 35 39 32 39 63 36 38 66 33 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e=37dfbd8ee84e00126bedce34ee4e839f9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC282INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:54 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  57192.168.2.74978631.13.70.74437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC536OUTGET /en_US/fbevents.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: connect.facebook.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC1465INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  timing-allow-origin: *
                                                                                                                                                                                                                                                                                                                                  reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
                                                                                                                                                                                                                                                                                                                                  report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
                                                                                                                                                                                                                                                                                                                                  content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
                                                                                                                                                                                                                                                                                                                                  document-policy: force-load-at-top
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC1500INData Raw: 70 65 72 6d 69 73 73 69 6f 6e 73 2d 70 6f 6c 69 63 79 3a 20 61 63 63 65 6c 65 72 6f 6d 65 74 65 72 3d 28 29 2c 20 61 74 74 72 69 62 75 74 69 6f 6e 2d 72 65 70 6f 72 74 69 6e 67 3d 28 29 2c 20 61 75 74 6f 70 6c 61 79 3d 28 29 2c 20 62 6c 75 65 74 6f 6f 74 68 3d 28 29 2c 20 63 61 6d 65 72 61 3d 28 29 2c 20 63 68 2d 64 65 76 69 63 65 2d 6d 65 6d 6f 72 79 3d 28 29 2c 20 63 68 2d 64 6f 77 6e 6c 69 6e 6b 3d 28 29 2c 20 63 68 2d 64 70 72 3d 28 29 2c 20 63 68 2d 65 63 74 3d 28 29 2c 20 63 68 2d 72 74 74 3d 28 29 2c 20 63 68 2d 73 61 76 65 2d 64 61 74 61 3d 28 29 2c 20 63 68 2d 75 61 2d 61 72 63 68 3d 28 29 2c 20 63 68 2d 75 61 2d 62 69 74 6e 65 73 73 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 74 2d 68 65 69 67 68 74 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewpor
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC1INData Raw: 2f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: /
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC14842INData Raw: 2a 2a 0a 2a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 31 37 2d 70 72 65 73 65 6e 74 2c 20 46 61 63 65 62 6f 6f 6b 2c 20 49 6e 63 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0a 2a 0a 2a 20 59 6f 75 20 61 72 65 20 68 65 72 65 62 79 20 67 72 61 6e 74 65 64 20 61 20 6e 6f 6e 2d 65 78 63 6c 75 73 69 76 65 2c 20 77 6f 72 6c 64 77 69 64 65 2c 20 72 6f 79 61 6c 74 79 2d 66 72 65 65 20 6c 69 63 65 6e 73 65 20 74 6f 20 75 73 65 2c 0a 2a 20 63 6f 70 79 2c 20 6d 6f 64 69 66 79 2c 20 61 6e 64 20 64 69 73 74 72 69 62 75 74 65 20 74 68 69 73 20 73 6f 66 74 77 61 72 65 20 69 6e 20 73 6f 75 72 63 65 20 63 6f 64 65 20 6f 72 20 62 69 6e 61 72 79 20 66 6f 72 6d 20 66 6f 72 20 75 73 65 0a 2a 20 69 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 20 77 69 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: *** Copyright (c) 2017-present, Facebook, Inc. All rights reserved.** You are hereby granted a non-exclusive, worldwide, royalty-free license to use,* copy, modify, and distribute this software in source code or binary form for use* in connection wit
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC16384INData Raw: 6c 6c 3b 61 3d 61 2e 65 78 74 72 61 63 74 6f 72 5f 63 6f 6e 66 69 67 3b 69 66 28 61 3d 3d 6e 75 6c 6c 7c 7c 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 22 75 6e 64 65 66 69 6e 65 64 22 3a 69 28 61 29 29 21 3d 3d 22 6f 62 6a 65 63 74 22 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 76 61 72 20 62 3d 61 2e 63 6f 6e 74 65 78 74 2c 63 3d 61 2e 70 61 72 61 6d 65 74 65 72 5f 74 79 70 65 3b 61 3d 61 2e 76 61 6c 75 65 3b 62 3d 62 21 3d 6e 75 6c 6c 26 26 74 79 70 65 6f 66 20 62 3d 3d 3d 22 73 74 72 69 6e 67 22 26 26 62 21 3d 3d 22 22 3f 62 3a 6e 75 6c 6c 3b 63 3d 64 28 63 29 3b 61 3d 61 21 3d 6e 75 6c 6c 26 26 74 79 70 65 6f 66 20 61 3d 3d 3d 22 73 74 72 69 6e 67 22 26 26 61 21 3d 3d 22 22 3f 61 3a 6e 75 6c 6c 3b 72 65 74 75 72 6e 20 62 21 3d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ll;a=a.extractor_config;if(a==null||(typeof a==="undefined"?"undefined":i(a))!=="object")return null;var b=a.context,c=a.parameter_type;a=a.value;b=b!=null&&typeof b==="string"&&b!==""?b:null;c=d(c);a=a!=null&&typeof a==="string"&&a!==""?a:null;return b!=
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC16384INData Raw: 50 41 52 41 4d 45 54 45 52 2c 78 3d 73 2e 72 65 61 64 50 61 63 6b 65 64 43 6f 6f 6b 69 65 2c 79 3d 73 2e 43 4c 49 43 4b 54 48 52 4f 55 47 48 5f 43 4f 4f 4b 49 45 5f 4e 41 4d 45 3b 73 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 45 78 70 65 72 69 6d 65 6e 74 4e 61 6d 65 73 22 29 3b 76 61 72 20 7a 3d 73 2e 55 53 45 5f 46 42 43 5f 41 53 5f 43 41 43 48 45 5f 4b 45 59 5f 45 58 50 45 52 49 4d 45 4e 54 2c 41 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 51 45 22 29 2c 42 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 4d 6f 64 75 6c 65 45 6e 63 6f 64 69 6e 67 73
                                                                                                                                                                                                                                                                                                                                  Data Ascii: PARAMETER,x=s.readPackedCookie,y=s.CLICKTHROUGH_COOKIE_NAME;s=f.getFbeventsModules("SignalsFBEventsExperimentNames");var z=s.USE_FBC_AS_CACHE_KEY_EXPERIMENT,A=f.getFbeventsModules("SignalsFBEventsQE"),B=f.getFbeventsModules("SignalsFBEventsModuleEncodings
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC16384INData Raw: 52 65 67 69 73 74 65 72 65 64 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 47 75 61 72 64 72 61 69 6c 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 67 2c 69 2c 6a 2c 6b 29 7b 76 61 72 20 6c 3d 7b 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 6c 2e 65 78 70 6f 72 74 73 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 61 3d 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 7c 7c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 66 6f 72 28 76 61 72 20 62 3d 31 3b 62 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 62 2b 2b 29 7b 76 61 72 20 63 3d 61 72 67 75 6d 65 6e 74 73 5b 62 5d 3b 66 6f 72 28 76 61 72 20 64 20 69 6e 20 63 29 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50
                                                                                                                                                                                                                                                                                                                                  Data Ascii: Registered("SignalsFBEventsGuardrail",function(){return function(g,i,j,k){var l={exports:{}};l.exports;(function(){"use strict";var a=Object.assign||function(a){for(var b=1;b<arguments.length;b++){var c=arguments[b];for(var d in c)Object.prototype.hasOwnP
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC1541INData Raw: 73 3a 62 2e 61 6c 6c 6f 77 4e 75 6c 6c 28 62 2e 61 72 72 61 79 4f 66 28 62 2e 73 74 72 69 6e 67 28 29 29 29 7d 29 29 2c 61 64 64 69 74 69 6f 6e 61 6c 55 73 65 72 44 61 74 61 3a 62 2e 61 6c 6c 6f 77 4e 75 6c 6c 28 62 2e 6f 62 6a 65 63 74 57 69 74 68 46 69 65 6c 64 73 28 7b 73 65 6e 64 46 42 4c 6f 67 69 6e 49 44 3a 62 2e 61 6c 6c 6f 77 4e 75 6c 6c 28 62 5b 22 62 6f 6f 6c 65 61 6e 22 5d 28 29 29 7d 29 29 7d 29 3b 6b 2e 65 78 70 6f 72 74 73 3d 61 7d 29 28 29 3b 72 65 74 75 72 6e 20 6b 2e 65 78 70 6f 72 74 73 7d 28 61 2c 62 2c 63 2c 64 29 7d 29 3b 66 2e 65 6e 73 75 72 65 4d 6f 64 75 6c 65 52 65 67 69 73 74 65 72 65 64 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 4f 70 74 49 6e 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69
                                                                                                                                                                                                                                                                                                                                  Data Ascii: s:b.allowNull(b.arrayOf(b.string()))})),additionalUserData:b.allowNull(b.objectWithFields({sendFBLoginID:b.allowNull(b["boolean"]())}))});k.exports=a})();return k.exports}(a,b,c,d)});f.ensureModuleRegistered("SignalsFBEventsOptIn",function(){return functi
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC14843INData Raw: 6c 3f 63 28 64 28 62 29 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 62 5b 61 5d 3d 3d 3d 21 30 7d 29 3a 5b 5d 7d 7d 5d 29 3b 72 65 74 75 72 6e 20 61 7d 28 29 3b 6c 2e 65 78 70 6f 72 74 73 3d 61 7d 29 28 29 3b 72 65 74 75 72 6e 20 6c 2e 65 78 70 6f 72 74 73 7d 28 61 2c 62 2c 63 2c 64 29 7d 29 3b 66 2e 65 6e 73 75 72 65 4d 6f 64 75 6c 65 52 65 67 69 73 74 65 72 65 64 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 50 61 72 61 6c 6c 65 6c 46 69 72 65 43 6f 6e 66 69 67 54 79 70 65 64 65 66 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 67 2c 68 2c 69 2c 6a 29 7b 76 61 72 20 6b 3d 7b 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 6b 2e 65 78 70 6f 72 74 73 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73
                                                                                                                                                                                                                                                                                                                                  Data Ascii: l?c(d(b),function(a){return b[a]===!0}):[]}}]);return a}();l.exports=a})();return l.exports}(a,b,c,d)});f.ensureModuleRegistered("SignalsFBEventsParallelFireConfigTypedef",function(){return function(g,h,i,j){var k={exports:{}};k.exports;(function(){"use s
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC16384INData Raw: 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 7d 29 29 72 65 74 75 72 6e 3b 66 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 62 2c 22 63 75 73 74 6f 6d 44 61 74 61 22 29 26 26 74 79 70 65 6f 66 20 62 2e 63 75 73 74 6f 6d 44 61 74 61 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 62 2e 63 75 73 74 6f 6d 44 61 74 61 21 3d 3d 6e 75 6c 6c 3b 66 7c 7c 28 62 2e 63 75 73 74 6f 6d 44 61 74 61 3d 7b 7d 29 3b 71 28 62 29 7d 6b 2e 65 78 70 6f 72 74 73 3d 72 7d 29 28 29 3b 72 65 74 75 72 6e 20 6b 2e 65 78 70 6f 72 74 73 7d 28 61 2c 62 2c 63 2c 64 29 7d 29 3b 66 2e 65 6e 73 75 72 65 4d 6f 64 75 6c 65 52 65 67 69 73 74 65 72 65 64 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 53 65 6e 64 45 76
                                                                                                                                                                                                                                                                                                                                  Data Ascii: tion(a){return a}))return;f=Object.prototype.hasOwnProperty.call(b,"customData")&&typeof b.customData!=="undefined"&&b.customData!==null;f||(b.customData={});q(b)}k.exports=r})();return k.exports}(a,b,c,d)});f.ensureModuleRegistered("SignalsFBEventsSendEv
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC16384INData Raw: 26 62 2e 70 75 73 68 28 73 5b 63 5d 29 3b 72 65 74 75 72 6e 20 62 7d 66 75 6e 63 74 69 6f 6e 20 76 28 61 2c 62 29 7b 69 66 28 61 3d 3d 6e 75 6c 6c 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 20 61 72 72 61 79 20 69 73 20 6e 75 6c 6c 20 6f 72 20 6e 6f 74 20 64 65 66 69 6e 65 64 22 29 3b 61 3d 4f 62 6a 65 63 74 28 61 29 3b 76 61 72 20 63 3d 61 2e 6c 65 6e 67 74 68 3e 3e 3e 30 3b 69 66 28 74 79 70 65 6f 66 20 62 21 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 62 2b 22 20 69 73 20 6e 6f 74 20 61 20 66 75 6e 63 74 69 6f 6e 22 29 3b 76 61 72 20 64 3d 6e 65 77 20 41 72 72 61 79 28 63 29 2c 65 3d 30 3b 77 68 69 6c 65 28 65 3c 63 29 7b 76 61 72 20 66 3b 65 20 69 6e 20 61 26 26 28 66 3d 61
                                                                                                                                                                                                                                                                                                                                  Data Ascii: &b.push(s[c]);return b}function v(a,b){if(a==null)throw new TypeError(" array is null or not defined");a=Object(a);var c=a.length>>>0;if(typeof b!=="function")throw new TypeError(b+" is not a function");var d=new Array(c),e=0;while(e<c){var f;e in a&&(f=a


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  58192.168.2.749780142.251.2.1554437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC1046OUTGET /pagead/viewthroughconversion/975652292/?label=p4zxCNq_8IkYEMSLndED&guid=ON&script=0&ct_cookie_present=false&random=410509906&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQIiAQFAAQ&pscrd=CLnc9JHh-P76OCITCIaknPO-2YUDFcT8_QUdYDUDfjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhhodHRwczovL3d3dy50ZWxlcmlrLmNvbS8 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: googleads.g.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC998INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:54 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Location: https://www.google.com/pagead/1p-conversion/975652292/?label=p4zxCNq_8IkYEMSLndED&guid=ON&script=0&ct_cookie_present=false&random=410509906&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQIiAQFAAQ&pscrd=CLnc9JHh-P76OCITCIaknPO-2YUDFcT8_QUdYDUDfjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhhodHRwczovL3d3dy50ZWxlcmlrLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqm_2Y7mhgr_4TT706Z25qzJIIuEtEWsQVeg8mFAIyjSrn8yEj&random=4068442111
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  59192.168.2.74979031.13.70.74437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:54 UTC1310OUTGET /signals/config/1444093252502226?v=2.9.154&r=stable&domain=www.telerik.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: connect.facebook.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC1465INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  timing-allow-origin: *
                                                                                                                                                                                                                                                                                                                                  reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
                                                                                                                                                                                                                                                                                                                                  report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
                                                                                                                                                                                                                                                                                                                                  content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
                                                                                                                                                                                                                                                                                                                                  document-policy: force-load-at-top
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC1528INData Raw: 70 65 72 6d 69 73 73 69 6f 6e 73 2d 70 6f 6c 69 63 79 3a 20 61 63 63 65 6c 65 72 6f 6d 65 74 65 72 3d 28 29 2c 20 61 74 74 72 69 62 75 74 69 6f 6e 2d 72 65 70 6f 72 74 69 6e 67 3d 28 29 2c 20 61 75 74 6f 70 6c 61 79 3d 28 29 2c 20 62 6c 75 65 74 6f 6f 74 68 3d 28 29 2c 20 63 61 6d 65 72 61 3d 28 29 2c 20 63 68 2d 64 65 76 69 63 65 2d 6d 65 6d 6f 72 79 3d 28 29 2c 20 63 68 2d 64 6f 77 6e 6c 69 6e 6b 3d 28 29 2c 20 63 68 2d 64 70 72 3d 28 29 2c 20 63 68 2d 65 63 74 3d 28 29 2c 20 63 68 2d 72 74 74 3d 28 29 2c 20 63 68 2d 73 61 76 65 2d 64 61 74 61 3d 28 29 2c 20 63 68 2d 75 61 2d 61 72 63 68 3d 28 29 2c 20 63 68 2d 75 61 2d 62 69 74 6e 65 73 73 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 74 2d 68 65 69 67 68 74 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewpor
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC1500INData Raw: 2f 2a 2a 0a 2a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 31 37 2d 70 72 65 73 65 6e 74 2c 20 46 61 63 65 62 6f 6f 6b 2c 20 49 6e 63 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0a 2a 0a 2a 20 59 6f 75 20 61 72 65 20 68 65 72 65 62 79 20 67 72 61 6e 74 65 64 20 61 20 6e 6f 6e 2d 65 78 63 6c 75 73 69 76 65 2c 20 77 6f 72 6c 64 77 69 64 65 2c 20 72 6f 79 61 6c 74 79 2d 66 72 65 65 20 6c 69 63 65 6e 73 65 20 74 6f 20 75 73 65 2c 0a 2a 20 63 6f 70 79 2c 20 6d 6f 64 69 66 79 2c 20 61 6e 64 20 64 69 73 74 72 69 62 75 74 65 20 74 68 69 73 20 73 6f 66 74 77 61 72 65 20 69 6e 20 73 6f 75 72 63 65 20 63 6f 64 65 20 6f 72 20 62 69 6e 61 72 79 20 66 6f 72 6d 20 66 6f 72 20 75 73 65 0a 2a 20 69 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 20 77 69
                                                                                                                                                                                                                                                                                                                                  Data Ascii: /*** Copyright (c) 2017-present, Facebook, Inc. All rights reserved.** You are hereby granted a non-exclusive, worldwide, royalty-free license to use,* copy, modify, and distribute this software in source code or binary form for use* in connection wi
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC1500INData Raw: 75 72 6e 21 30 7d 28 29 29 72 65 74 75 72 6e 3b 76 61 72 20 67 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 74 79 70 65 6f 66 20 28 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 3a 22 40 40 69 74 65 72 61 74 6f 72 22 29 3d 3d 3d 22 73 79 6d 62 6f 6c 22 3f 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 74 79 70 65 6f 66 20 61 7d 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 26 26 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 61 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 53 79 6d 62 6f 6c 26 26 61 21 3d 3d 28 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 3d 3d 3d 22 66 75 6e 63
                                                                                                                                                                                                                                                                                                                                  Data Ascii: urn!0}())return;var g=typeof Symbol==="function"&&typeof (typeof Symbol==="function"?Symbol.iterator:"@@iterator")==="symbol"?function(a){return typeof a}:function(a){return a&&typeof Symbol==="function"&&a.constructor===Symbol&&a!==(typeof Symbol==="func
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC1500INData Raw: 4f 62 6a 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 3f 4f 62 6a 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 28 61 2c 62 29 3a 61 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 62 29 7d 66 75 6e 63 74 69 6f 6e 20 6c 28 61 2c 62 29 7b 69 66 28 21 28 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 62 29 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 43 61 6e 6e 6f 74 20 63 61 6c 6c 20 61 20 63 6c 61 73 73 20 61 73 20 61 20 66 75 6e 63 74 69 6f 6e 22 29 7d 66 2e 5f 5f 66 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 7c 7c 28 66 2e 5f 5f 66 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 3d 7b 7d 2c 66 2e 5f 5f 66 62 65 76 65 6e 74 73 52 65 73 6f 6c 76 65 64 4d 6f 64 75 6c 65 73 3d 7b 7d 2c 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 3d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: Object.setPrototypeOf?Object.setPrototypeOf(a,b):a.__proto__=b)}function l(a,b){if(!(a instanceof b))throw new TypeError("Cannot call a class as a function")}f.__fbeventsModules||(f.__fbeventsModules={},f.__fbeventsResolvedModules={},f.getFbeventsModules=
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC1500INData Raw: 61 2e 70 69 78 65 6c 3b 61 3d 61 2e 73 68 6f 75 6c 64 45 78 74 72 61 63 74 55 73 65 72 44 61 74 61 3b 76 61 72 20 6b 3d 61 26 26 69 3d 3d 6e 75 6c 6c 3b 69 3d 63 28 7b 62 75 74 74 6f 6e 3a 65 2c 63 6f 6e 74 61 69 6e 65 72 45 6c 65 6d 65 6e 74 3a 6b 3f 68 3a 69 2c 73 68 6f 75 6c 64 45 78 74 72 61 63 74 55 73 65 72 44 61 74 61 3a 61 7d 29 3b 61 3d 64 28 29 3b 76 61 72 20 6c 3d 69 2e 66 6f 72 6d 46 69 65 6c 64 46 65 61 74 75 72 65 73 3b 69 3d 69 2e 75 73 65 72 44 61 74 61 3b 66 3d 7b 62 75 74 74 6f 6e 46 65 61 74 75 72 65 73 3a 66 2c 62 75 74 74 6f 6e 54 65 78 74 3a 67 2c 66 6f 72 6d 46 65 61 74 75 72 65 73 3a 6b 3f 5b 5d 3a 6c 2c 70 61 67 65 46 65 61 74 75 72 65 73 3a 61 2c 70 61 72 61 6d 65 74 65 72 73 3a 62 2e 74 72 69 67 67 65 72 28 7b 70 69 78 65 6c 3a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: a.pixel;a=a.shouldExtractUserData;var k=a&&i==null;i=c({button:e,containerElement:k?h:i,shouldExtractUserData:a});a=d();var l=i.formFieldFeatures;i=i.userData;f={buttonFeatures:f,buttonText:g,formFeatures:k?[]:l,pageFeatures:a,parameters:b.trigger({pixel:
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC1500INData Raw: 61 28 29 2c 6b 3d 5b 5d 2c 6c 3d 7b 7d 3b 69 66 28 68 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 7b 66 6f 72 6d 46 69 65 6c 64 46 65 61 74 75 72 65 73 3a 6b 2c 75 73 65 72 44 61 74 61 3a 6c 7d 3b 68 3d 68 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 65 29 3b 66 6f 72 28 76 61 72 20 6d 3d 30 3b 6d 3c 68 2e 6c 65 6e 67 74 68 3b 6d 2b 2b 29 7b 76 61 72 20 6e 3d 68 5b 6d 5d 3b 69 66 28 6e 20 69 6e 73 74 61 6e 63 65 6f 66 20 48 54 4d 4c 49 6e 70 75 74 45 6c 65 6d 65 6e 74 7c 7c 6e 20 69 6e 73 74 61 6e 63 65 6f 66 20 48 54 4d 4c 54 65 78 74 41 72 65 61 45 6c 65 6d 65 6e 74 7c 7c 6e 20 69 6e 73 74 61 6e 63 65 6f 66 20 48 54 4d 4c 53 65 6c 65 63 74 45 6c 65 6d 65 6e 74 7c 7c 6e 20 69 6e 73 74 61 6e 63 65 6f 66 20 48 54 4d 4c 42 75 74 74 6f 6e 45 6c 65 6d 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: a(),k=[],l={};if(h==null)return{formFieldFeatures:k,userData:l};h=h.querySelectorAll(e);for(var m=0;m<h.length;m++){var n=h[m];if(n instanceof HTMLInputElement||n instanceof HTMLTextAreaElement||n instanceof HTMLSelectElement||n instanceof HTMLButtonEleme
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC1500INData Raw: 6e 74 73 5b 62 5d 3b 66 6f 72 28 76 61 72 20 64 20 69 6e 20 63 29 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 63 2c 64 29 26 26 28 61 5b 64 5d 3d 63 5b 64 5d 29 7d 72 65 74 75 72 6e 20 61 7d 2c 62 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 55 74 69 6c 73 22 29 2c 63 3d 62 2e 65 61 63 68 2c 64 3d 2f 5b 5e 5c 73 5c 22 5d 2f 2c 65 3d 2f 5b 5e 5c 73 3a 2b 5c 22 5d 2f 3b 66 75 6e 63 74 69 6f 6e 20 67 28 62 2c 63 2c 66 29 7b 69 66 28 66 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 64 2e 74 65 73 74 28 63 29 3f 63 3d 3d 3d 22 40 22 3f 6e 75 6c 6c 3a 7b 73 74 61 72 74 3a 62 2c 75 73 65 72 4f 72 44 6f 6d 61 69 6e 3a 22 75 73 65 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: nts[b];for(var d in c)Object.prototype.hasOwnProperty.call(c,d)&&(a[d]=c[d])}return a},b=f.getFbeventsModules("SignalsFBEventsUtils"),c=b.each,d=/[^\s\"]/,e=/[^\s:+\"]/;function g(b,c,f){if(f==null)return d.test(c)?c==="@"?null:{start:b,userOrDomain:"user
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC1500INData Raw: 2e 5f 72 61 74 65 4d 53 3d 63 7d 68 28 62 2c 5b 7b 6b 65 79 3a 22 5f 70 61 73 73 65 73 54 68 72 6f 74 74 6c 65 49 6d 70 6c 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 2e 5f 6c 61 73 74 41 72 67 73 3b 69 66 28 61 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 21 30 3b 76 61 72 20 62 3d 44 61 74 65 2e 6e 6f 77 28 29 2c 63 3d 62 2d 74 68 69 73 2e 5f 6c 61 73 74 54 69 6d 65 3b 69 66 28 63 3e 3d 74 68 69 73 2e 5f 72 61 74 65 4d 53 29 72 65 74 75 72 6e 21 30 3b 66 6f 72 28 76 61 72 20 64 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 2c 65 3d 41 72 72 61 79 28 64 29 2c 66 3d 30 3b 66 3c 64 3b 66 2b 2b 29 65 5b 66 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 66 5d 3b 69 66 28 61 2e 6c 65 6e 67 74 68 21 3d 3d 65 2e 6c 65 6e 67 74 68
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ._rateMS=c}h(b,[{key:"_passesThrottleImpl",value:function(){var a=this._lastArgs;if(a==null)return!0;var b=Date.now(),c=b-this._lastTime;if(c>=this._rateMS)return!0;for(var d=arguments.length,e=Array(d),f=0;f<d;f++)e[f]=arguments[f];if(a.length!==e.length
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC1500INData Raw: 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 73 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 45 78 74 72 61 63 74 46 72 6f 6d 49 6e 70 75 74 73 22 29 2c 42 3d 6e 65 77 20 74 28 29 2c 43 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 73 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 44 6f 41 75 74 6f 6d 61 74 69 63 4d 61 74 63 68 69 6e 67 22 29 2c 44 3d 31 30 30 3b 66 75 6e 63 74 69 6f 6e 20 45 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 62 21 3d 6e 75 6c 6c 26 26 62 2e 62 75 74 74 6f 6e 53 65 6c 65 63 74 6f 72 3d 3d 3d 22 65 78 74 65 6e 64 65 64 22 7d 66 75 6e 63 74 69 6f 6e 20 46 28 62 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 63 29 7b 69 66 28 62 2e 64 69 73 61 62 6c 65 41 75 74 6f 43 6f 6e 66 69 67 29 72 65 74 75
                                                                                                                                                                                                                                                                                                                                  Data Ascii: .getFbeventsModules("signalsFBEventsExtractFromInputs"),B=new t(),C=f.getFbeventsModules("signalsFBEventsDoAutomaticMatching"),D=100;function E(a,b){return b!=null&&b.buttonSelector==="extended"}function F(b){return function(c){if(b.disableAutoConfig)retu
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC1500INData Raw: 29 2c 63 29 2c 63 2e 65 78 74 72 61 63 74 50 49 49 3d 47 2c 65 29 2c 6a 28 63 2c 64 29 7d 72 65 74 75 72 6e 20 62 7d 28 62 29 3b 65 2e 65 78 70 6f 72 74 73 3d 6e 65 77 20 75 28 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 63 2e 6c 69 73 74 65 6e 4f 6e 63 65 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 77 28 46 28 62 29 29 3b 68 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3f 68 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 63 6c 69 63 6b 22 2c 61 2c 7b 63 61 70 74 75 72 65 3a 21 30 2c 6f 6e 63 65 3a 21 31 2c 70 61 73 73 69 76 65 3a 21 30 7d 29 3a 67 2e 61 74 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 63 6c 69 63 6b 22 2c 61 29 7d 29 2c 6d 2e 6c 69 73 74 65 6e 28 66 75 6e 63 74 69 6f 6e 28 61 2c 63 2c 64 29 7b 72 65 74 75 72 6e 20 47 28
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ),c),c.extractPII=G,e),j(c,d)}return b}(b);e.exports=new u(function(a,b){c.listenOnce(function(){var a=w(F(b));h.addEventListener?h.addEventListener("click",a,{capture:!0,once:!1,passive:!0}):g.attachEvent("onclick",a)}),m.listen(function(a,c,d){return G(


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  60192.168.2.7497943.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC1882OUTPOST /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2025
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A49+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=0&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _cq_pxg=3|594323327|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.0.1713914991.56.0.0
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC2025OUTData Raw: 65 3d 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 65 34 65 38 33 39 66 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 31 30 63 65 36 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63 36 30 34 30 33 30 61 33 35 35 35 35 39 39 37 62 37 36 32 34 66 37 37 62 65 32 36 62 62 32 35 63 62 34 33 65 32 39 32 33 65 66 34 34 63 36 65 61 61 31 33 32 63 37 61 31 34 63 34 35 30 65 61 35 34 65 32 38 35 39 32 39 63 36 38 66 33 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e=37dfbd8ee84e00126bedce34ee4e839f9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC282INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:55 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  61192.168.2.7497933.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC3489OUTGET /tracker/tc_imp.gif?e=37dfbd8ee84e00126bedce34ee4e839f9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37950aa2084ba5f7ff35b7b1a2d18c8c9077af562b7818fbd1910fa0a9fc95df820da75c45b956279f02b01f2040e0228d2595fe69fe0a100ba2f965f980cf64d766dbad1276140023df819958d45a95f60e8e4e47116253bc6f57662d4dd09012b4576190bb98e32606d64f5ac183bd5b4f02d97fe58740f30b9e4f0d58a7dacd5880bbf51ca5c6b369cbcc8bcf630c48db3639e335bd8f9cb284c1fa3616daa820876b08de97e8a03fa42ae965d8013d9c56d9c7c71d6da2dc77ad795afedcbbabf4c68af74a8e8a5744e60e3943dcceb13e75a1058830906d092cecccaec9426873ac792f5c638e87b3b6cd7366b8493925f2adca82bf853b5c11fd837ae3d1a0b63fd76f14ddc87f62cf6c72fc45cbfd9929b77895d437ded59041326093e89ec62be058c8cb123ab9975f6996c94c2e5fd6984b5e4496d7384a90604d7f7471a07f7cdec3ff164de9308fdea3cbb7ea5399657d014d3b63dc01b24edaf966f3738721f385d0e64f6b8d932967be357445134eaa85d9dc40a0695b9dfbabc6cdeece4fc84f0b3f04b4f3ffb5b87b6596d855f6607ca605b7570eb7daf7674def99526d334c52f99aa32ccbf0c9a720e25290a7b0dd884998d5a3c0df3111e90d58de2d68041198cf3f824c2dd7969d9cc133b68fa98d85228bf209b1fe873aa4bce72a4ba14acba6e93efedc0845526aab96f718864a793b1ac179f6535120c9c6f5d30cad23be79a628bf9c69020ce8e86641c2b55fc7dfd17a03edf9d7bd4761a334b3a616db50bcad04f0aea3e84feaa6bbb9a1ad52b2dbd1b7e308dbc844848e470f58e10da1b234017ed292683b3c52896027c888f10bdcd9da2c250d05d49304ab12474409691104ee57fb4ab833f85d0f01c023ff128320204d30501a58be41916947e638ad4fe01bb88e59c027be467a90d3c07900d7632&cri=aUHD7PzVvl&ts=3552&cb=1713914991290 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A49+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=0&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _cq_pxg=3|594323327|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.0.1713914991.56.0.0
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC230INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Length: 43
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:55 GMT
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 db df ef 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  62192.168.2.749797142.251.2.1554437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC1609OUTGET /pagead/viewthroughconversion/975652292/?random=1608824865&cv=11&fst=1713914991222&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAiIBAUABSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZWIECgICAw&pscrd=CM734vW9jPGD2wEiEwiYjafzvtmFAxXI27gIHex4DsMyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzoYaHR0cHM6Ly93d3cudGVsZXJpay5jb20v HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: googleads.g.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC1561INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:55 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Location: https://www.google.com/pagead/1p-conversion/975652292/?random=1608824865&cv=11&fst=1713914991222&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAiIBAUABSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZWIECgICAw&pscrd=CM734vW9jPGD2wEiEwiYjafzvtmFAxXI27gIHex4DsMyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzoYaHR0cHM6Ly93d3cudGVsZXJpay5jb20v&is_vtc=1&cid=CAQSKQB7FLtqTO4M5I36ifJXChJVuy-H36QKhxR0sa1VYuN8TZngHcOzzy-1&random=1494915262
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  63192.168.2.749798142.250.141.1064437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC1039OUTGET /pagead/1p-conversion/975652292/?label=p4zxCNq_8IkYEMSLndED&guid=ON&script=0&ct_cookie_present=false&random=410509906&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQIiAQFAAQ&pscrd=CLnc9JHh-P76OCITCIaknPO-2YUDFcT8_QUdYDUDfjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhhodHRwczovL3d3dy50ZWxlcmlrLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqm_2Y7mhgr_4TT706Z25qzJIIuEtEWsQVeg8mFAIyjSrn8yEj&random=4068442111 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.google.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC602INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:55 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Content-Security-Policy: script-src 'none'; object-src 'none'
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  64192.168.2.74980013.107.213.694437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:55 UTC530OUTGET /tag/uet/223000243 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.clarity.ms
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC528INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:56 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-javascript
                                                                                                                                                                                                                                                                                                                                  Content-Length: 846
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  Set-Cookie: CLID=2a63f70e8ac245f79a80d75f53b3453d.20240423.20250423; expires=Wed, 23 Apr 2025 23:29:56 GMT; path=/; secure; samesite=none; httponly
                                                                                                                                                                                                                                                                                                                                  Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
                                                                                                                                                                                                                                                                                                                                  x-azure-ref: 20240423T232955Z-168bb8d798b4bst68753kwrwcg000000016g000000009z6b
                                                                                                                                                                                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC846INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 63 2c 6c 2c 61 2c 72 2c 69 2c 74 2c 79 29 7b 61 5b 63 5d 3d 61 5b 63 5d 7c 7c 66 75 6e 63 74 69 6f 6e 28 29 7b 28 61 5b 63 5d 2e 71 3d 61 5b 63 5d 2e 71 7c 7c 5b 5d 29 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 7d 3b 66 75 6e 63 74 69 6f 6e 20 73 79 6e 63 28 29 7b 28 6e 65 77 20 49 6d 61 67 65 29 2e 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 2e 63 6c 61 72 69 74 79 2e 6d 73 2f 63 2e 67 69 66 22 7d 22 63 6f 6d 70 6c 65 74 65 22 3d 3d 64 6f 63 75 6d 65 6e 74 2e 72 65 61 64 79 53 74 61 74 65 3f 73 79 6e 63 28 29 3a 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6c 6f 61 64 22 2c 73 79 6e 63 29 3b 61 5b 63 5d 28 22 6d 65 74 61 64 61 74 61 22 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 61 5b 63 5d 28 22
                                                                                                                                                                                                                                                                                                                                  Data Ascii: !function(c,l,a,r,i,t,y){a[c]=a[c]||function(){(a[c].q=a[c].q||[]).push(arguments)};function sync(){(new Image).src="https://c.clarity.ms/c.gif"}"complete"==document.readyState?sync():window.addEventListener("load",sync);a[c]("metadata",(function(){a[c]("


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  65192.168.2.749801142.250.141.1064437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC1602OUTGET /pagead/1p-conversion/975652292/?random=1608824865&cv=11&fst=1713914991222&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAiIBAUABSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZWIECgICAw&pscrd=CM734vW9jPGD2wEiEwiYjafzvtmFAxXI27gIHex4DsMyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzoYaHR0cHM6Ly93d3cudGVsZXJpay5jb20v&is_vtc=1&cid=CAQSKQB7FLtqTO4M5I36ifJXChJVuy-H36QKhxR0sa1VYuN8TZngHcOzzy-1&random=1494915262 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.google.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC602INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:56 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Content-Security-Policy: script-src 'none'; object-src 'none'
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  66192.168.2.74979913.107.213.694437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC597OUTGET /s/0.7.31/clarity.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.clarity.ms
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: CLID=2a63f70e8ac245f79a80d75f53b3453d.20240423.20250423
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC619INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:56 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript;charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Content-Length: 62389
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Mon, 22 Apr 2024 19:19:24 GMT
                                                                                                                                                                                                                                                                                                                                  ETag: "0x8DC63011F10BC93"
                                                                                                                                                                                                                                                                                                                                  x-ms-request-id: 3fd7b849-101e-0065-7109-95809f000000
                                                                                                                                                                                                                                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  x-azure-ref: 20240423T232956Z-168bb8d798blg7kwxx8chnnwps00000005pg000000012dhn
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=86400
                                                                                                                                                                                                                                                                                                                                  x-fd-int-roxy-purgeid: 51562430
                                                                                                                                                                                                                                                                                                                                  X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC15765INData Raw: 2f 2a 20 63 6c 61 72 69 74 79 2d 6a 73 20 76 30 2e 37 2e 33 31 3a 20 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 6d 69 63 72 6f 73 6f 66 74 2f 63 6c 61 72 69 74 79 20 28 4c 69 63 65 6e 73 65 3a 20 4d 49 54 29 20 2a 2f 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 74 3d 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 28 7b 5f 5f 70 72 6f 74 6f 5f 5f 3a 6e 75 6c 6c 2c 67 65 74 20 71 75 65 75 65 28 29 7b 72 65 74 75 72 6e 20 55 61 7d 2c 67 65 74 20 73 74 61 72 74 28 29 7b 72 65 74 75 72 6e 20 71 61 7d 2c 67 65 74 20 73 74 6f 70 28 29 7b 72 65 74 75 72 6e 20 46 61 7d 2c 67 65 74 20 74 72 61 63 6b 28 29 7b 72 65 74 75 72 6e 20 48 61 7d 7d 29 2c 65 3d 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 28 7b 5f 5f 70 72 6f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: /* clarity-js v0.7.31: https://github.com/microsoft/clarity (License: MIT) */!function(){"use strict";var t=Object.freeze({__proto__:null,get queue(){return Ua},get start(){return qa},get stop(){return Fa},get track(){return Ha}}),e=Object.freeze({__pro
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC16384INData Raw: 3d 61 2e 74 61 67 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 3b 73 77 69 74 63 68 28 21 30 29 7b 63 61 73 65 20 50 74 2e 69 6e 64 65 78 4f 66 28 75 29 3e 3d 30 3a 76 61 72 20 63 3d 6f 2e 74 79 70 65 2c 73 3d 22 22 3b 4f 62 6a 65 63 74 2e 6b 65 79 73 28 6f 29 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 73 2b 3d 6f 5b 74 5d 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 29 29 3b 76 61 72 20 6c 3d 7a 74 2e 73 6f 6d 65 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 73 2e 69 6e 64 65 78 4f 66 28 74 29 3e 3d 30 7d 29 29 3b 72 2e 70 72 69 76 61 63 79 3d 22 49 4e 50 55 54 22 3d 3d 3d 75 26 26 48 74 2e 69 6e 64 65 78 4f 66 28 63 29 3e 3d 30 3f 69 3a 6c 3f 34 3a 32 3b 62 72 65 61 6b 3b 63 61 73 65 22 64 61 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: =a.tag.toUpperCase();switch(!0){case Pt.indexOf(u)>=0:var c=o.type,s="";Object.keys(o).forEach((function(t){return s+=o[t].toLowerCase()}));var l=zt.some((function(t){return s.indexOf(t)>=0}));r.privacy="INPUT"===u&&Ht.indexOf(c)>=0?i:l?4:2;break;case"dat


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  67192.168.2.74980431.13.70.364437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC847OUTGET /tr/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=&if=false&ts=1713914994454&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914993541&coo=false&rqm=GET HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.facebook.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC469INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin:
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                                                                  cross-origin-resource-policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Server: proxygen-bolt
                                                                                                                                                                                                                                                                                                                                  X-FB-Connection-Quality: MODERATE; q=0.3, rtt=159, rtx=0, c=10, mss=1277, tbw=3402, tp=-1, tpl=-1, uplat=0, ullat=0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:56 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  68192.168.2.74980331.13.70.364437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC957OUTGET /privacy_sandbox/pixel/register/trigger/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=&if=false&ts=1713914994454&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914993541&coo=false&rqm=FGET HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.facebook.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Attribution-Reporting-Eligible: event-source, trigger=navigation-source
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC948INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/png
                                                                                                                                                                                                                                                                                                                                  reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
                                                                                                                                                                                                                                                                                                                                  report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC1903INData Raw: 63 6f 6e 74 65 6e 74 2d 73 65 63 75 72 69 74 79 2d 70 6f 6c 69 63 79 3a 20 64 65 66 61 75 6c 74 2d 73 72 63 20 64 61 74 61 3a 20 62 6c 6f 62 3a 20 27 73 65 6c 66 27 20 68 74 74 70 73 3a 2f 2f 2a 2e 66 62 73 62 78 2e 63 6f 6d 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 20 2a 2e 66 62 63 64 6e 2e 6e 65 74 20 27 75 6e 73 61 66 65 2d 65 76 61 6c 27 3b 73 63 72 69 70 74 2d 73 72 63 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 20 2a 2e 66 62 63 64 6e 2e 6e 65 74 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 6e 65 74 20 31 32 37 2e 30 2e 30 2e 31 3a 2a 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 62 6c 6f 62 3a 20 64 61 74 61 3a 20 27 73 65 6c 66 27 20 63 6f 6e 6e 65 63 74 2e 66 61 63 65 62 6f 6f 6b 2e 6e 65 74 20 27
                                                                                                                                                                                                                                                                                                                                  Data Ascii: content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net '
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC1580INData Raw: 70 65 72 6d 69 73 73 69 6f 6e 73 2d 70 6f 6c 69 63 79 3a 20 61 63 63 65 6c 65 72 6f 6d 65 74 65 72 3d 28 29 2c 20 61 74 74 72 69 62 75 74 69 6f 6e 2d 72 65 70 6f 72 74 69 6e 67 3d 28 73 65 6c 66 29 2c 20 61 75 74 6f 70 6c 61 79 3d 28 29 2c 20 62 6c 75 65 74 6f 6f 74 68 3d 28 29 2c 20 63 61 6d 65 72 61 3d 28 73 65 6c 66 29 2c 20 63 68 2d 64 65 76 69 63 65 2d 6d 65 6d 6f 72 79 3d 28 29 2c 20 63 68 2d 64 6f 77 6e 6c 69 6e 6b 3d 28 29 2c 20 63 68 2d 64 70 72 3d 28 29 2c 20 63 68 2d 65 63 74 3d 28 29 2c 20 63 68 2d 72 74 74 3d 28 29 2c 20 63 68 2d 73 61 76 65 2d 64 61 74 61 3d 28 29 2c 20 63 68 2d 75 61 2d 61 72 63 68 3d 28 29 2c 20 63 68 2d 75 61 2d 62 69 74 6e 65 73 73 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 74 2d 68 65 69 67 68 74 3d 28 29 2c 20 63 68
                                                                                                                                                                                                                                                                                                                                  Data Ascii: permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC69INData Raw: 34 33 0d 0a 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 01 00 00 00 01 08 04 00 00 00 b5 1c 0c 02 00 00 00 0a 49 44 41 54 78 9c 63 00 01 00 00 05 00 01 0d 0a 2d b4 00 00 00 00 49 45 4e 44 ae 42
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 43PNGIHDRIDATxc-IENDB
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC9INData Raw: 60 82 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: `0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  69192.168.2.7498023.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC1882OUTPOST /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2022
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A49+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=0&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _cq_pxg=3|594323327|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.0.1713914991.56.0.0
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC2022OUTData Raw: 65 3d 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 65 34 65 38 33 39 66 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 31 30 63 65 36 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63 36 30 34 30 33 30 61 33 35 35 35 35 39 39 37 62 37 36 32 34 66 37 37 62 65 32 36 62 62 32 35 63 62 34 33 65 32 39 32 33 65 66 34 34 63 36 65 61 61 31 33 32 63 37 61 31 34 63 34 35 30 65 61 35 34 65 32 38 35 39 32 39 63 36 38 66 33 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e=37dfbd8ee84e00126bedce34ee4e839f9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC282INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:57 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  70192.168.2.74980650.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:56 UTC2373OUTGET /download/fiddler/first-run HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: document
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; sf-ins-pv-id=9e7d323c-2538-449c-935b-bc72383359ee; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _cq_pxg=3|594323327|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.0.1713914991.56.0.0; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A55+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; ki_t=1713914995146%3B1713914995146%3B1713914995146%3B1%3B1; ki_r=
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC448INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Mon, 02 Dec 2024 23:56:19 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 63475
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC15936INData Raw: 20 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 20 3c 68 74 6d 6c 20 69 64 3d 22 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 68 74 6d 6c 22 20 69 64 3d 22 73 66 2d 74 72 61 63 6b 69 6e 67 2d 63 6f 6e 73 65 6e 74 2d 6d 61 6e 61 67 65 72 22 3e 0d 0a 09 3c 64 69 76 20 69 64 3d 22 74 72 61 63 6b 69 6e 67 2d 63 6f 6e 73 65 6e 74 2d 64 69 61 6c 6f 67 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 20 2f 3e 0d 0a 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 2f 57 65 62 52 65 73 6f 75 72 63 65 2e 61 78
                                                                                                                                                                                                                                                                                                                                  Data Ascii: <!doctype html> <html id="html" lang="en"> <head> <meta charset="utf-8" /><script type="text/html" id="sf-tracking-consent-manager"><div id="tracking-consent-dialog" style="display:none" /></script><script type="text/javascript" src="/WebResource.ax
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC1011INData Raw: 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 6f 6e 76 65 72 74 65 72 2e 74 65 6c 65 72 69 6b 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 54 4b 2d 44 61 73 68 2d 4c 69 6e 6b 22 3e 56 42 2e 4e 45 54 20 74 6f 20 43 23 20 43 6f 6e 76 65 72 74 65 72 3c 2f 61 3e 20 3c 61 20 68 72 65 66 3d 22 2f 74 65 73 74 73 74 75 64 69 6f 2f 74 65 73 74 69 6e 67 2d 66 72 61 6d 65 77 6f 72 6b 22 20 63 6c 61 73 73 3d 22 54 4b 2d 44 61 73 68 2d 4c 69 6e 6b 22 20 64 61 74 61 2d 6d 61 74 63 68 2d 65 78 61 63 74 2d 70 61 74 68 3e 54 65 73 74 69 6e 67 20 46 72 61 6d 65 77 6f 72 6b 3c 2f 61 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 54 4b 2d 44 61 73 68 2d 46 6f 6f 74 65 72 22 3e 3c 61 20 68 72 65 66 3d 22 2f 61 6c 6c 2d 70 72 6f 64
                                                                                                                                                                                                                                                                                                                                  Data Ascii: a href="https://converter.telerik.com" class="TK-Dash-Link">VB.NET to C# Converter</a> <a href="/teststudio/testing-framework" class="TK-Dash-Link" data-match-exact-path>Testing Framework</a></div></div></div><div class="TK-Dash-Footer"><a href="/all-prod
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC1448INData Raw: 6b 22 20 64 61 74 61 2d 6d 61 74 63 68 2d 65 78 61 63 74 2d 70 61 74 68 3e 46 69 64 64 6c 65 72 20 43 6c 61 73 73 69 63 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 66 69 64 64 6c 65 72 2d 6a 61 6d 22 20 63 6c 61 73 73 3d 22 54 4b 2d 44 72 6f 70 64 6f 77 6e 2d 4c 69 6e 6b 22 20 64 61 74 61 2d 6d 61 74 63 68 2d 65 78 61 63 74 2d 70 61 74 68 3e 46 69 64 64 6c 65 72 20 4a 61 6d 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 66 69 64 64 6c 65 72 2f 66 69 64 64 6c 65 72 63 61 70 22 20 63 6c 61 73 73 3d 22 54 4b 2d 44 72 6f 70 64 6f 77 6e 2d 4c 69 6e 6b 22 20 64 61 74 61 2d 6d 61 74 63 68 2d 65 78 61 63 74 2d 70 61 74 68 3e 46 69 64 64 6c 65 72 43 61 70 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: k" data-match-exact-path>Fiddler Classic</a></li><li><a href="/fiddler-jam" class="TK-Dropdown-Link" data-match-exact-path>Fiddler Jam</a></li><li><a href="/fiddler/fiddlercap" class="TK-Dropdown-Link" data-match-exact-path>FiddlerCap</a></li><li><a href=
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC16384INData Raw: 3d 22 54 4b 2d 41 73 69 64 65 2d 4d 65 6e 75 2d 49 74 65 6d 20 54 4b 2d 62 6e 22 3e 3c 61 20 68 72 65 66 3d 22 2f 63 6f 6e 74 61 63 74 3f 70 72 65 73 65 6c 65 63 74 3d 66 69 64 64 6c 65 72 2d 63 6c 61 73 73 69 63 22 20 63 6c 61 73 73 3d 22 54 4b 2d 41 73 69 64 65 2d 4d 65 6e 75 2d 42 75 74 74 6f 6e 20 54 4b 2d 42 75 74 74 6f 6e 2d 2d 43 54 41 2d 53 65 63 22 20 74 69 74 6c 65 3d 22 43 6f 6e 74 61 63 74 20 55 73 22 20 64 61 74 61 2d 6d 61 74 63 68 2d 73 74 61 72 74 73 2d 77 69 74 68 2d 70 61 74 68 3e 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 36 20 31 36 22 20 77 69 64 74 68 3d 22 31 36 22 20 68 65 69 67 68 74 3d 22 31 36 22 3e 3c 70 61 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ="TK-Aside-Menu-Item TK-bn"><a href="/contact?preselect=fiddler-classic" class="TK-Aside-Menu-Button TK-Button--CTA-Sec" title="Contact Us" data-match-starts-with-path><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><pat
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC11128INData Raw: 74 20 54 4b 2d 66 73 31 36 22 3e 34 6b 2b 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 54 4b 2d 46 6f 6f 74 65 72 2d 4c 69 73 74 2d 48 6f 72 69 7a 6f 6e 74 61 6c 2d 49 74 65 6d 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 79 6f 75 74 75 62 65 2e 63 6f 6d 2f 63 2f 74 65 6c 65 72 69 6b 22 20 74 69 74 6c 65 3d 22 59 6f 75 54 75 62 65 22 20 63 6c 61 73 73 3d 22 54 4b 2d 46 6f 6f 74 65 72 2d 53 6f 63 69 61 6c 2d 4c 69 6e 6b 22 3e 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 32 36 22 20 68 65 69 67 68 74 3d 22 31 38 2e 32 38 37 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 32 36 20 31 38 2e 32 38 37 22 3e 3c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: t TK-fs16">4k+</span></a></li><li class="TK-Footer-List-Horizontal-Item"><a href="https://www.youtube.com/c/telerik" title="YouTube" class="TK-Footer-Social-Link"><svg xmlns="http://www.w3.org/2000/svg" width="26" height="18.287" viewBox="0 0 26 18.287"><
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC16384INData Raw: 4c 69 73 74 22 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 54 4b 2d 46 6f 6f 74 65 72 2d 4c 69 73 74 2d 49 74 65 6d 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 70 72 6f 67 72 65 73 73 2e 63 6f 6d 2f 63 6f 6d 70 61 6e 79 22 20 63 6c 61 73 73 3d 22 54 4b 2d 46 6f 6f 74 65 72 2d 4c 69 6e 6b 22 3e 43 6f 6d 70 61 6e 79 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 54 4b 2d 46 6f 6f 74 65 72 2d 4c 69 73 74 2d 49 74 65 6d 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 70 72 6f 67 72 65 73 73 2e 63 6f 6d 2f 70 72 6f 64 75 63 74 73 22 20 63 6c 61 73 73 3d 22 54 4b 2d 46 6f 6f 74 65 72 2d 4c 69 6e 6b 22 3e 54 65 63 68 6e 6f 6c 6f 67 79 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 54 4b 2d 46 6f 6f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: List"><li class="TK-Footer-List-Item"><a href="https://www.progress.com/company" class="TK-Footer-Link">Company</a></li><li class="TK-Footer-List-Item"><a href="https://www.progress.com/products" class="TK-Footer-Link">Technology</a></li><li class="TK-Foo
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC992INData Raw: 20 73 2e 61 73 79 6e 63 20 3d 20 21 30 2c 20 73 2e 73 72 63 20 3d 20 22 2f 2f 69 6d 67 2e 65 6e 32 35 2e 63 6f 6d 2f 69 2f 65 6c 71 43 66 67 2e 6d 69 6e 2e 6a 73 22 3b 20 76 61 72 20 78 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 22 73 63 72 69 70 74 22 29 5b 30 5d 3b 20 78 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 69 6e 73 65 72 74 42 65 66 6f 72 65 28 73 2c 20 78 29 20 7d 20 7d 20 66 75 6e 63 74 69 6f 6e 20 6c 6f 61 64 47 41 28 29 20 7b 20 77 69 6e 64 6f 77 2e 5f 67 61 71 20 3d 20 77 69 6e 64 6f 77 2e 5f 67 61 71 20 7c 7c 20 5b 5d 2c 20 77 69 6e 64 6f 77 2e 5f 67 61 71 2e 70 75 73 68 28 5b 22 5f 73 65 74 41 63 63 6f 75 6e 74 22 2c 22 55 41 2d 31 31 31 34 35 35 2d 31 22 5d 2c 20 5b 22 5f 73 65 74 44 6f 6d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: s.async = !0, s.src = "//img.en25.com/i/elqCfg.min.js"; var x = document.getElementsByTagName("script")[0]; x.parentNode.insertBefore(s, x) } } function loadGA() { window._gaq = window._gaq || [], window._gaq.push(["_setAccount","UA-111455-1"], ["_setDom
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC192INData Raw: 72 6f 6e 74 2e 6e 65 74 2f 46 72 6f 6e 74 65 6e 64 2d 41 73 73 65 6d 62 6c 79 2f 57 65 62 2e 53 69 74 65 66 69 6e 69 74 79 45 78 74 65 6e 73 69 6f 6e 73 2e 45 6c 6f 71 75 61 43 6f 6e 6e 65 63 74 6f 72 2f 53 63 72 69 70 74 73 2f 53 65 74 42 72 6f 77 73 65 72 53 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 2e 6d 69 6e 2e 6a 73 3f 70 61 63 6b 61 67 65 3d 50 75 72 65 4d 76 63 26 61 6d 70 3b 76 3d 5a 47 78 31 62 55 55 32 52 6e 5a 36 54 6d 64 30 64 32 31 44 54 6d 31 30 4d 32 5a 48 55 54 30 39 29 27 3e 3c 2f 73 63 72 69 70 74 3e 20 3c 2f 62 6f 64 79 3e 20 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ront.net/Frontend-Assembly/Web.SitefinityExtensions.EloquaConnector/Scripts/SetBrowserSessionStorage.min.js?package=PureMvc&amp;v=ZGx1bUU2RnZ6Tmd0d21DTm10M2ZHUT09)'></script> </body> </html>


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  71192.168.2.749811104.18.32.1374437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC647OUTPOST /request/v1/consentreceipts HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: privacyportal.onetrust.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 11250
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC11250OUTData Raw: 7b 22 72 65 71 75 65 73 74 49 6e 66 6f 72 6d 61 74 69 6f 6e 22 3a 22 65 79 4a 68 62 47 63 69 4f 69 4a 53 55 7a 55 78 4d 69 4a 39 2e 65 79 4a 76 64 45 70 33 64 46 5a 6c 63 6e 4e 70 62 32 34 69 4f 6a 45 73 49 6e 42 79 62 32 4e 6c 63 33 4e 4a 5a 43 49 36 49 6a 45 79 4d 7a 45 7a 59 57 56 6c 4c 54 56 6d 4e 57 55 74 4e 44 52 6a 4e 69 30 34 4e 44 6b 78 4c 57 56 6a 5a 6d 4d 78 4d 6d 4d 7a 59 32 52 6a 4d 53 49 73 49 6e 42 79 62 32 4e 6c 63 33 4e 57 5a 58 4a 7a 61 57 39 75 49 6a 6f 79 4d 7a 41 73 49 6d 6c 68 64 43 49 36 49 6a 49 77 4d 6a 41 74 4d 44 55 74 4d 6a 68 55 4d 44 6b 36 4e 54 6b 36 4e 54 67 75 4e 54 4d 33 49 69 77 69 62 57 39 6a 49 6a 6f 69 51 30 39 50 53 30 6c 46 49 69 77 69 63 47 39 73 61 57 4e 35 58 33 56 79 61 53 49 36 49 6e 52 6c 62 47 56 79 61 57 73
                                                                                                                                                                                                                                                                                                                                  Data Ascii: {"requestInformation":"eyJhbGciOiJSUzUxMiJ9.eyJvdEp3dFZlcnNpb24iOjEsInByb2Nlc3NJZCI6IjEyMzEzYWVlLTVmNWUtNDRjNi04NDkxLWVjZmMxMmMzY2RjMSIsInByb2Nlc3NWZXJzaW9uIjoyMzAsImlhdCI6IjIwMjAtMDUtMjhUMDk6NTk6NTguNTM3IiwibW9jIjoiQ09PS0lFIiwicG9saWN5X3VyaSI6InRlbGVyaWs
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC458INHTTP/1.1 201 Created
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:57 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                                                                                  Vary: Access-Control-Request-Method
                                                                                                                                                                                                                                                                                                                                  Vary: Access-Control-Request-Headers
                                                                                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                                                                                  Vary: Access-Control-Request-Method
                                                                                                                                                                                                                                                                                                                                  Vary: Access-Control-Request-Headers
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  CF-RAY: 8791a37bc82909f3-LAS


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  72192.168.2.74981274.125.137.1564437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC1205OUTGET /td/ga/rul?tid=G-9JSNBCSF54&gacid=925834404.1713914987&gtm=45je44m0v9167661709z8536291za200&dma=0&gcs=G111&gcd=13v3v3v3v5&npa=0&pscdl=noapi&aip=1&fledge=1&z=1283479480 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: td.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: iframe
                                                                                                                                                                                                                                                                                                                                  Referer: https://td.doubleclick.net/td/ga/rul?tid=G-9JSNBCSF54&gacid=925834404.1713914987&gtm=45je44m0v9167661709z8536291za200&dma=0&gcs=G111&gcd=13v3v3v3v5&npa=0&pscdl=noapi&aip=1&fledge=1&z=1283479480
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC646INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:57 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: none
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC18INData Raw: 64 0d 0a 3c 68 74 6d 6c 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: d<html></html>
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  73192.168.2.749813143.244.50.2134437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC690OUTGET /frame.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: dntcl.qualaroo.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: iframe
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC639INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:57 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                  Content-Length: 323
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Server: BunnyCDN-LA1-996
                                                                                                                                                                                                                                                                                                                                  CDN-PullZone: 99568
                                                                                                                                                                                                                                                                                                                                  CDN-Uid: 50c043fb-dcd1-4574-9faf-b60384f66f78
                                                                                                                                                                                                                                                                                                                                  CDN-RequestCountryCode: US
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=604800
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Sun, 09 Jul 2023 20:56:17 GMT
                                                                                                                                                                                                                                                                                                                                  CDN-StorageServer: DE-578
                                                                                                                                                                                                                                                                                                                                  CDN-FileServer: 639
                                                                                                                                                                                                                                                                                                                                  CDN-ProxyVer: 1.03
                                                                                                                                                                                                                                                                                                                                  CDN-RequestPullSuccess: True
                                                                                                                                                                                                                                                                                                                                  CDN-RequestPullCode: 206
                                                                                                                                                                                                                                                                                                                                  CDN-CachedAt: 07/13/2023 16:58:30
                                                                                                                                                                                                                                                                                                                                  CDN-EdgeStorageId: 1111
                                                                                                                                                                                                                                                                                                                                  CDN-Status: 200
                                                                                                                                                                                                                                                                                                                                  CDN-RequestId: 64d4b8f9262f389d17c7f220ba1e5d28
                                                                                                                                                                                                                                                                                                                                  CDN-Cache: HIT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC323INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 3e 66 75 6e 63 74 69 6f 6e 20 67 65 74 43 6f 6f 6b 69 65 28 65 29 7b 76 61 72 20 6f 3d 22 3b 20 22 2b 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 2c 74 3d 6f 2e 73 70 6c 69 74 28 22 3b 20 22 2b 65 2b 22 3d 22 29 3b 72 65 74 75 72 6e 20 32 3d 3d 74 2e 6c 65 6e 67 74 68 3f 74 2e 70 6f 70 28 29 2e 73 70 6c 69 74 28 22 3b 22 29 2e 73 68 69 66 74 28 29 3a 76 6f 69 64 20 30 7d 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 2e 70 6f 73 74 4d 65 73 73 61 67 65 26 26 67 65 74 43 6f 6f 6b 69 65 28 22 44 4e 54 22 29 26 26 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 2e 70 6f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: <!DOCTYPE html><html><head><script>function getCookie(e){var o="; "+document.cookie,t=o.split("; "+e+"=");return 2==t.length?t.pop().split(";").shift():void 0}window.parent&&"undefined"!=typeof window.parent.postMessage&&getCookie("DNT")&&window.parent.po


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  74192.168.2.74980913.107.213.694437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC595OUTGET /tag/uet/223000243 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.clarity.ms
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: CLID=2a63f70e8ac245f79a80d75f53b3453d.20240423.20250423
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC379INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:57 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-javascript
                                                                                                                                                                                                                                                                                                                                  Content-Length: 846
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
                                                                                                                                                                                                                                                                                                                                  x-azure-ref: 20240423T232957Z-168bb8d798b968vptsayvcbkpg000000055g0000000026ew
                                                                                                                                                                                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC846INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 63 2c 6c 2c 61 2c 72 2c 69 2c 74 2c 79 29 7b 61 5b 63 5d 3d 61 5b 63 5d 7c 7c 66 75 6e 63 74 69 6f 6e 28 29 7b 28 61 5b 63 5d 2e 71 3d 61 5b 63 5d 2e 71 7c 7c 5b 5d 29 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 7d 3b 66 75 6e 63 74 69 6f 6e 20 73 79 6e 63 28 29 7b 28 6e 65 77 20 49 6d 61 67 65 29 2e 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 2e 63 6c 61 72 69 74 79 2e 6d 73 2f 63 2e 67 69 66 22 7d 22 63 6f 6d 70 6c 65 74 65 22 3d 3d 64 6f 63 75 6d 65 6e 74 2e 72 65 61 64 79 53 74 61 74 65 3f 73 79 6e 63 28 29 3a 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6c 6f 61 64 22 2c 73 79 6e 63 29 3b 61 5b 63 5d 28 22 6d 65 74 61 64 61 74 61 22 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 61 5b 63 5d 28 22
                                                                                                                                                                                                                                                                                                                                  Data Ascii: !function(c,l,a,r,i,t,y){a[c]=a[c]||function(){(a[c].q=a[c].q||[]).push(arguments)};function sync(){(new Image).src="https://c.clarity.ms/c.gif"}"complete"==document.readyState?sync():window.addEventListener("load",sync);a[c]("metadata",(function(){a[c]("


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  75192.168.2.74981574.125.137.1564437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC2045OUTGET /td/rul/975652292?random=1713914991222&cv=11&fst=1713914991222&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: td.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: iframe
                                                                                                                                                                                                                                                                                                                                  Referer: https://td.doubleclick.net/td/rul/975652292?random=1713914991222&cv=11&fst=1713914991222&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC646INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:57 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: none
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC609INData Raw: 31 32 31 61 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 6f 72 69 67 69 6e 2d 74 72 69 61 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 41 76 68 35 4e 79 30 58 45 46 43 79 51 37 2b 6f 4e 69 65 58 73 6b 55 72 71 59 38 65 64 55 7a 4c 35 2f 58 72 77 4b 6c 47 6a 41 52 51 48 57 34 54 46 52 4b 2b 6a 56 64 35 48 6e 44 49 70 59 32 30 6e 35 4f 4c 48 66 67 55 34 6b 75 37 78 34 38 4e 33 75 68 47 2f 41 30 41 41 41 42 78 65 79 4a 76 63 6d 6c 6e 61 57 34 69 4f 69 4a 6f 64 48 52 77 63 7a 6f 76 4c 32 52 76 64 57 4a 73 5a 57 4e 73 61 57 4e 72 4c 6d 35 6c 64 44 6f 30 4e 44 4d 69 4c 43 4a 6d 5a 57 46 30 64 58 4a 6c 49 6a 6f 69 55 48 4a 70 64 6d 46 6a 65 56 4e 68 62 6d 52 69 62 33 68 42 5a 48 4e 42 55 45 6c 7a 49 69 77 69 5a 58 68 77
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 121a<html><head><meta http-equiv="origin-trial" content="Avh5Ny0XEFCyQ7+oNieXskUrqY8edUzL5/XrwKlGjARQHW4TFRK+jVd5HnDIpY20n5OLHfgU4ku7x48N3uhG/A0AAABxeyJvcmlnaW4iOiJodHRwczovL2RvdWJsZWNsaWNrLm5ldDo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhw
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC1255INData Raw: 32 38 30 36 38 38 36 5c 75 30 30 32 36 74 61 67 5f 65 69 64 3d 34 34 38 30 35 36 35 32 22 2c 22 74 72 75 73 74 65 64 42 69 64 64 69 6e 67 53 69 67 6e 61 6c 73 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 62 74 73 22 2c 22 74 72 75 73 74 65 64 42 69 64 64 69 6e 67 53 69 67 6e 61 6c 73 4b 65 79 73 22 3a 5b 22 31 73 58 55 6f 38 5a 41 21 32 73 5a 6b 5f 52 64 51 21 33 73 41 41 70 74 44 56 35 41 4f 45 72 61 22 5d 2c 22 75 73 65 72 42 69 64 64 69 6e 67 53 69 67 6e 61 6c 73 22 3a 5b 5b 22 35 39 37 34 36 33 33 34 35 22 5d 2c 6e 75 6c 6c 2c 31 37 31 33 39 31 34 39 39 37 34 32 39 31 34 33 2c 31 37 31 33 39 31 34 39 39 34 36 34 31 37 38 34 2c 32 5d 2c 22 61 64 73 22 3a 5b 7b 22 72 65 6e 64 65 72 55 72 6c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 2806886\u0026tag_eid=44805652","trustedBiddingSignalsUrl":"https://td.doubleclick.net/td/bts","trustedBiddingSignalsKeys":["1sXUo8ZA!2sZk_RdQ!3sAAptDV5AOEra"],"userBiddingSignals":[["597463345"],null,1713914997429143,1713914994641784,2],"ads":[{"renderUrl
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC1255INData Raw: 32 36 63 76 5f 69 64 3d 30 5c 75 30 30 32 36 66 6f 72 6d 61 74 3d 24 7b 41 44 5f 57 49 44 54 48 7d 78 24 7b 41 44 5f 48 45 49 47 48 54 7d 5c 75 30 30 32 36 72 64 73 3d 24 7b 52 45 4e 44 45 52 5f 44 41 54 41 7d 5c 75 30 30 32 36 73 65 61 74 3d 32 5c 75 30 30 32 36 72 70 5f 69 64 3d 31 6a 34 35 32 38 30 36 38 38 36 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 35 33 32 34 37 38 35 36 38 34 35 22 2c 22 36 39 37 34 32 36 33 39 35 33 33 32 22 2c 6e 75 6c 6c 2c 22 32 30 37 30 32 30 37 37 35 37 39 22 5d 2c 22 61 64 52 65 6e 64 65 72 49 64 22 3a 22 2d 71 78 6b 5f 70 64 79 5a 42 6f 22 7d 5d 2c 22 65 78 65 63 75 74 69 6f 6e 4d 6f 64 65 22 3a 22 67 72 6f 75 70 2d 62 79 2d 6f 72 69 67 69 6e 22 2c 22 62 69 64 64 69 6e 67 57 61 73 6d 48 65 6c 70 65 72 55 72 6c 22 3a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 26cv_id=0\u0026format=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DATA}\u0026seat=2\u0026rp_id=1j452806886","metadata":["153247856845","697426395332",null,"20702077579"],"adRenderId":"-qxk_pdyZBo"}],"executionMode":"group-by-origin","biddingWasmHelperUrl":
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC1255INData Raw: 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 35 37 33 33 31 35 34 32 35 32 31 5c 75 30 30 32 36 63 72 5f 69 64 3d 36 39 37 34 31 30 39 35 31 30 35 31 5c 75 30 30 32 36 63 76 5f 69 64 3d 30 5c 75 30 30 32 36 66 6f 72 6d 61 74 3d 24 7b 41 44 5f 57 49 44 54 48 7d 78 24 7b 41 44 5f 48 45 49 47 48 54 7d 5c 75 30 30 32 36 72 64 73 3d 24 7b 52 45 4e 44 45 52 5f 44 41 54 41 7d 5c 75 30 30 32 36 73 65 61 74 3d 32 5c 75 30 30 32 36 72 70 5f 69 64 3d 31 6a 35 39 37 34 36 33 33 34 35 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 35 37 33 33 31 35 34 32 35 32 31 22 2c 22 36 39 37 34 31 30 39 35 31 30 35 31 22 2c 6e 75 6c 6c 2c 22 32 30 35 37 36 30 31 34 34 36 35 22 5d 2c 22 61 64 52 65 6e 64 65 72 49 64 22 3a 22 6d 51 6b 34 54 41 37 5f 6b 47 77 22 7d 2c 7b 22 72 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ch/gda?adg_id=157331542521\u0026cr_id=697410951051\u0026cv_id=0\u0026format=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DATA}\u0026seat=2\u0026rp_id=1j597463345","metadata":["157331542521","697410951051",null,"20576014465"],"adRenderId":"mQk4TA7_kGw"},{"re
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC268INData Raw: 6c 65 61 76 65 41 64 49 6e 74 65 72 65 73 74 47 72 6f 75 70 28 69 2e 69 6e 74 65 72 65 73 74 47 72 6f 75 70 41 74 74 72 69 62 75 74 65 73 29 3b 7d 7d 63 61 74 63 68 28 65 29 7b 6e 61 76 69 67 61 74 6f 72 2e 73 65 6e 64 42 65 61 63 6f 6e 28 60 68 74 74 70 73 3a 2f 2f 70 61 67 65 61 64 32 2e 67 6f 6f 67 6c 65 73 79 6e 64 69 63 61 74 69 6f 6e 2e 63 6f 6d 2f 70 61 67 65 61 64 2f 67 65 6e 5f 32 30 34 2f 3f 69 64 3d 74 75 72 74 6c 65 78 5f 6a 6f 69 6e 5f 69 67 26 74 78 5f 6a 69 67 3d 24 7b 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 69 29 29 7d 26 74 78 5f 6a 65 6d 3d 24 7b 65 2e 6d 65 73 73 61 67 65 7d 26 74 78 5f 6a 65 6e 3d 24 7b 65 2e 6e 61 6d 65 7d 60 29 3b 7d 7d 3c 2f 73 63 72 69 70 74 3e 3c 2f 62
                                                                                                                                                                                                                                                                                                                                  Data Ascii: leaveAdInterestGroup(i.interestGroupAttributes);}}catch(e){navigator.sendBeacon(`https://pagead2.googlesyndication.com/pagead/gen_204/?id=turtlex_join_ig&tx_jig=${encodeURIComponent(JSON.stringify(i))}&tx_jem=${e.message}&tx_jen=${e.name}`);}}</script></b
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  76192.168.2.7498143.211.190.764437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC568OUTGET /json/ HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: geo.qualaroo.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  Accept: application/javascript
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC284INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:57 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Content-Length: 241
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                                                                                  X-Database-Date: Fri, 05 Jan 2018 18:56:42 GMT
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC241INData Raw: 7b 22 69 70 22 3a 22 31 35 34 2e 31 36 2e 31 30 35 2e 33 36 22 2c 22 63 6f 75 6e 74 72 79 5f 63 6f 64 65 22 3a 22 55 53 22 2c 22 63 6f 75 6e 74 72 79 5f 6e 61 6d 65 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 72 65 67 69 6f 6e 5f 63 6f 64 65 22 3a 22 41 5a 22 2c 22 72 65 67 69 6f 6e 5f 6e 61 6d 65 22 3a 22 41 72 69 7a 6f 6e 61 22 2c 22 63 69 74 79 22 3a 22 50 68 6f 65 6e 69 78 22 2c 22 7a 69 70 5f 63 6f 64 65 22 3a 22 38 35 30 30 34 22 2c 22 74 69 6d 65 5f 7a 6f 6e 65 22 3a 22 41 6d 65 72 69 63 61 2f 50 68 6f 65 6e 69 78 22 2c 22 6c 61 74 69 74 75 64 65 22 3a 33 33 2e 34 34 39 39 2c 22 6c 6f 6e 67 69 74 75 64 65 22 3a 2d 31 31 32 2e 30 37 31 32 2c 22 6d 65 74 72 6f 5f 63 6f 64 65 22 3a 37 35 33 7d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: {"ip":"154.16.105.36","country_code":"US","country_name":"United States","region_code":"AZ","region_name":"Arizona","city":"Phoenix","zip_code":"85004","time_zone":"America/Phoenix","latitude":33.4499,"longitude":-112.0712,"metro_code":753}


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  77192.168.2.74981831.13.70.364437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC612OUTGET /tr/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=&if=false&ts=1713914994454&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914993541&coo=false&rqm=GET HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.facebook.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC469INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin:
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                                                                  cross-origin-resource-policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Server: proxygen-bolt
                                                                                                                                                                                                                                                                                                                                  X-FB-Connection-Quality: MODERATE; q=0.3, rtt=160, rtx=0, c=10, mss=1277, tbw=3403, tp=-1, tpl=-1, uplat=1, ullat=1
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:57 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  78192.168.2.74981931.13.70.364437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC649OUTGET /privacy_sandbox/pixel/register/trigger/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=&if=false&ts=1713914994454&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914993541&coo=false&rqm=FGET HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.facebook.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC900INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
                                                                                                                                                                                                                                                                                                                                  report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC1903INData Raw: 63 6f 6e 74 65 6e 74 2d 73 65 63 75 72 69 74 79 2d 70 6f 6c 69 63 79 3a 20 64 65 66 61 75 6c 74 2d 73 72 63 20 64 61 74 61 3a 20 62 6c 6f 62 3a 20 27 73 65 6c 66 27 20 68 74 74 70 73 3a 2f 2f 2a 2e 66 62 73 62 78 2e 63 6f 6d 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 20 2a 2e 66 62 63 64 6e 2e 6e 65 74 20 27 75 6e 73 61 66 65 2d 65 76 61 6c 27 3b 73 63 72 69 70 74 2d 73 72 63 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 20 2a 2e 66 62 63 64 6e 2e 6e 65 74 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 6e 65 74 20 31 32 37 2e 30 2e 30 2e 31 3a 2a 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 62 6c 6f 62 3a 20 64 61 74 61 3a 20 27 73 65 6c 66 27 20 63 6f 6e 6e 65 63 74 2e 66 61 63 65 62 6f 6f 6b 2e 6e 65 74 20 27
                                                                                                                                                                                                                                                                                                                                  Data Ascii: content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net '
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC1613INData Raw: 70 65 72 6d 69 73 73 69 6f 6e 73 2d 70 6f 6c 69 63 79 3a 20 61 63 63 65 6c 65 72 6f 6d 65 74 65 72 3d 28 29 2c 20 61 74 74 72 69 62 75 74 69 6f 6e 2d 72 65 70 6f 72 74 69 6e 67 3d 28 73 65 6c 66 29 2c 20 61 75 74 6f 70 6c 61 79 3d 28 29 2c 20 62 6c 75 65 74 6f 6f 74 68 3d 28 29 2c 20 63 61 6d 65 72 61 3d 28 73 65 6c 66 29 2c 20 63 68 2d 64 65 76 69 63 65 2d 6d 65 6d 6f 72 79 3d 28 29 2c 20 63 68 2d 64 6f 77 6e 6c 69 6e 6b 3d 28 29 2c 20 63 68 2d 64 70 72 3d 28 29 2c 20 63 68 2d 65 63 74 3d 28 29 2c 20 63 68 2d 72 74 74 3d 28 29 2c 20 63 68 2d 73 61 76 65 2d 64 61 74 61 3d 28 29 2c 20 63 68 2d 75 61 2d 61 72 63 68 3d 28 29 2c 20 63 68 2d 75 61 2d 62 69 74 6e 65 73 73 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 74 2d 68 65 69 67 68 74 3d 28 29 2c 20 63 68
                                                                                                                                                                                                                                                                                                                                  Data Ascii: permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  79192.168.2.7498103.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC1917OUTPOST /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2081
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _cq_pxg=3|594323327|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.0.1713914991.56.0.0; _fbp=fb.1.1713914994453.110516813; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A55+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:57 UTC2081OUTData Raw: 65 3d 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 65 34 65 38 33 39 66 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 31 30 63 65 36 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63 36 30 34 30 33 30 61 33 35 35 35 35 39 39 37 62 37 36 32 34 66 37 37 62 65 32 36 62 62 32 35 63 62 34 33 65 32 39 32 33 65 66 34 34 63 36 65 61 61 31 33 32 63 37 61 31 34 63 34 35 30 65 61 35 34 65 32 38 35 39 32 39 63 36 38 66 33 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e=37dfbd8ee84e00126bedce34ee4e839f9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  80192.168.2.74980550.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC2262OUTGET /webapi/Announcements/GetPromo?url=https://www.telerik.com/download/fiddler/first-run HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _cq_pxg=3|594323327|975652292|event=conversion; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A55+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; ki_t=1713914995146%3B1713914995146%3B1713914995146%3B1%3B1; ki_r=; _ga_9JSNBCSF54=GS1.1.1713914987.1.0.1713914996.51.0.0; sf-ins-pv-id=eef0eedd-b11e-465f-ae5a-179b4f5e0fb9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC705INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Length: 35
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  Set-Cookie: sid=4E8T/K7b/UIgOwDUe0auBx7l/bA2x7CKH5D9+jwrbWjec35tGt6Q1JZrjB5OiY9llEMhX7Kk39Au+UugUVvtmiQThSZ06rcWyeiBM7+xrwN+mIXIKqKX1LuFJehP5jp0TgCr1Os6vFxScqBfF/uzDgYL3EE=; expires=Fri, 21-Apr-2034 23:29:58 GMT; path=/; secure; HttpOnly; SameSite=Lax
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:58 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC35INData Raw: 7b 22 63 6f 6e 74 65 6e 74 22 3a 7b 22 70 72 6f 6d 6f 56 69 65 77 4d 6f 64 65 6c 22 3a 6e 75 6c 6c 7d 7d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: {"content":{"promoViewModel":null}}


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  81192.168.2.74982952.252.156.534437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC607OUTOPTIONS /collect/v2/data-centers/76766c2b-82f4-2453-81e5-fd840f3b455b/datasources/TelerikCom/interactions HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: api.insight.sitefinity.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Access-Control-Request-Method: POST
                                                                                                                                                                                                                                                                                                                                  Access-Control-Request-Headers: content-type
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC1396INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:58 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, Authorization, x-dataintelligence-accountkey, x-dataintelligence-datacenterkey, x-dataintelligence-datasource, x-dataintelligence-sort, x-dataintelligence-skip, x-dataintelligence-take, x-dataintelligence-fields, x-dataintelligence-count, x-dataintelligence-filterby, x-dataintelligence-filter, x-dataintelligence-contains, x-dataintelligence-nextrowkey, x-dataintelligence-flush, x-dataintelligence-fromdate, x-dataintelligence-todate, x-dataintelligence-period, x-dataintelligence-scale, x-dataintelligence-predicate, x-dataintelligence-subject, x-dataintelligence-ids, x-dataintelligence-datasources, x-dataintelligence-imagecrop, x-dataintelligence-contacts, x-forwarded-for, x-dataintelligence-sdk-version, Referer, Origin, x-dataintelligence-clientid, x-dataintelligence-campaignids, x-dataintelligence-userid, x-dataintelligence-errorid, x-dataintelligence-correlationid, cf-connecting-ip, x-forwarded-for, http_x_forwarded_for, x-forwarded, x-cluster-client-ip, forwarded-for, forwarded, remote_addr, client-ip
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  request-context: appId=cid-v1:a33f2e3a-ec15-4d53-8ac6-897af884626b
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  82192.168.2.7498223.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC1642OUTGET /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _cq_pxg=3|594323327|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.0.1713914991.56.0.0; _fbp=fb.1.1713914994453.110516813; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A55+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC268INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: undefined
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:58 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  83192.168.2.74983152.252.156.534437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC638OUTOPTIONS /collect/v2/data-centers/76766c2b-82f4-2453-81e5-fd840f3b455b/datasources/TelerikCom/interactions HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: api.insight.sitefinity.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Access-Control-Request-Method: POST
                                                                                                                                                                                                                                                                                                                                  Access-Control-Request-Headers: content-type,x-dataintelligence-sdk-version
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC1396INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:58 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, Authorization, x-dataintelligence-accountkey, x-dataintelligence-datacenterkey, x-dataintelligence-datasource, x-dataintelligence-sort, x-dataintelligence-skip, x-dataintelligence-take, x-dataintelligence-fields, x-dataintelligence-count, x-dataintelligence-filterby, x-dataintelligence-filter, x-dataintelligence-contains, x-dataintelligence-nextrowkey, x-dataintelligence-flush, x-dataintelligence-fromdate, x-dataintelligence-todate, x-dataintelligence-period, x-dataintelligence-scale, x-dataintelligence-predicate, x-dataintelligence-subject, x-dataintelligence-ids, x-dataintelligence-datasources, x-dataintelligence-imagecrop, x-dataintelligence-contacts, x-forwarded-for, x-dataintelligence-sdk-version, Referer, Origin, x-dataintelligence-clientid, x-dataintelligence-campaignids, x-dataintelligence-userid, x-dataintelligence-errorid, x-dataintelligence-correlationid, cf-connecting-ip, x-forwarded-for, http_x_forwarded_for, x-forwarded, x-cluster-client-ip, forwarded-for, forwarded, remote_addr, client-ip
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  request-context: appId=cid-v1:a33f2e3a-ec15-4d53-8ac6-897af884626b
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  84192.168.2.7498283.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC1920OUTPOST /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2094
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _cq_pxg=3|594323327|975652292|event=conversion; _fbp=fb.1.1713914994453.110516813; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A55+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _ga_9JSNBCSF54=GS1.1.1713914987.1.0.1713914996.51.0.0
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC2094OUTData Raw: 65 3d 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 65 34 65 38 33 39 66 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 31 30 63 65 36 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63 36 30 34 30 33 30 61 33 35 35 35 35 39 39 37 62 37 36 32 34 66 37 37 62 65 32 36 62 62 32 35 63 62 34 33 65 32 39 32 33 65 66 34 34 63 36 65 61 61 31 33 32 63 37 61 31 34 63 34 35 30 65 61 35 34 65 32 38 35 39 32 39 63 36 38 66 33 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e=37dfbd8ee84e00126bedce34ee4e839f9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:59 UTC282INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:59 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  85192.168.2.749832104.18.32.1374437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC597OUTGET /cookieconsentpub/v1/geo/location HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: geolocation.onetrust.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  accept: application/json
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC370INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:58 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Content-Length: 67
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET, OPTIONS
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  CF-RAY: 8791a386cc530ad5-LAS
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC67INData Raw: 7b 22 63 6f 75 6e 74 72 79 22 3a 22 55 53 22 2c 22 73 74 61 74 65 22 3a 22 4e 56 22 2c 22 73 74 61 74 65 4e 61 6d 65 22 3a 22 4e 65 76 61 64 61 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 22 3a 22 4e 41 22 7d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: {"country":"US","state":"NV","stateName":"Nevada","continent":"NA"}


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  86192.168.2.74983350.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:58 UTC2811OUTGET /RestApi/personalizations/render?pageNodeId=5ceb4be1-05bd-4c69-892a-2c2bbd37538b&pageDataId=1f960fad-aef2-4475-8978-52fb7a29dbc9&pageNodeKey=5CEB4BE1-05BD-4C69-892A-2C2BBD37538B/b31ca85c-a1c5-4a9d-8b5d-e7b0736a8b16/SitefinitySiteMap&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&controls=09f9bb4f-5990-40af-b361-7849c73c9604_1,0cd3f511-e7d9-4e23-8773-26005ae09893_1,25637a62-a321-49a0-8b7e-5962dc977e95_1,6b5ac4dc-8fd0-4043-bd0a-e9ffd31e3bc8_1&correlationId=lvd0qj2kn097okrw3nn HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Accept: application/json
                                                                                                                                                                                                                                                                                                                                  SF_URL_REFERER: https://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _cq_pxg=3|594323327|975652292|event=conversion; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A55+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; ki_t=1713914995146%3B1713914995146%3B1713914995146%3B1%3B1; ki_r=; _ga_9JSNBCSF54=GS1.1.1713914987.1.0.1713914996.51.0.0; sf-ins-pv-id=eef0eedd-b11e-465f-ae5a-179b4f5e0fb9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:59 UTC720INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  Vary: Accept
                                                                                                                                                                                                                                                                                                                                  Set-Cookie: sid=/pU34nM7xcF1a1i8u1OTxx/5J7bGqqAKXB2hXQOSALC5RJ2vae2gTRMWBg3kyy445Vdm0qRGnvVHMEEoR6SE1I1o0VOa/z9xqn/whm5Vqb40haS8tZDTwRx1NODFFQTPT3eFyQBOkyaTEQw3mN7RJIPVp00=; expires=Fri, 21-Apr-2034 23:29:59 GMT; path=/; secure; HttpOnly; SameSite=Lax
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:59 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 953
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:59 UTC747INData Raw: 5b 7b 22 43 6f 6e 74 72 6f 6c 49 64 22 3a 22 30 39 66 39 62 62 34 66 2d 35 39 39 30 2d 34 30 61 66 2d 62 33 36 31 2d 37 38 34 39 63 37 33 63 39 36 30 34 22 2c 22 43 6f 6e 74 65 6e 74 22 3a 22 3c 68 72 20 63 6c 61 73 73 3d 5c 22 75 2d 6d 74 34 20 75 2d 6d 62 36 5c 22 20 2f 3e 3c 68 32 3e 44 6f 20 79 6f 75 20 6e 65 65 64 20 74 6f 20 62 75 69 6c 64 20 63 6f 6d 70 6c 65 78 20 55 49 20 66 61 73 74 3f 20 3c 2f 68 32 3e 22 7d 2c 7b 22 43 6f 6e 74 72 6f 6c 49 64 22 3a 22 30 63 64 33 66 35 31 31 2d 65 37 64 39 2d 34 65 32 33 2d 38 37 37 33 2d 32 36 30 30 35 61 65 30 39 38 39 33 22 2c 22 43 6f 6e 74 65 6e 74 22 3a 22 5c 72 5c 6e 5c 72 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 5c 22 75 2d 74 61 72 5c 22 3e 5c 72 5c 6e 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                  Data Ascii: [{"ControlId":"09f9bb4f-5990-40af-b361-7849c73c9604","Content":"<hr class=\"u-mt4 u-mb6\" /><h2>Do you need to build complex UI fast? </h2>"},{"ControlId":"0cd3f511-e7d9-4e23-8773-26005ae09893","Content":"\r\n\r\n <div class=\"u-tar\">\r\n
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:59 UTC206INData Raw: 20 75 70 20 79 6f 75 72 20 64 65 76 65 6c 6f 70 6d 65 6e 74 3a 20 61 63 63 65 73 73 20 74 68 69 73 20 6c 61 72 67 65 20 6c 69 62 72 61 72 79 20 6f 66 20 68 69 67 68 2d 71 75 61 6c 69 74 79 20 63 6f 6d 70 6f 6e 65 6e 74 73 2c 20 66 72 6f 6d 20 73 6f 70 68 69 73 74 69 63 61 74 65 64 20 67 72 69 64 73 20 61 6e 64 20 63 68 61 72 74 73 20 74 6f 20 62 75 74 74 6f 6e 73 20 61 6e 64 20 6d 65 6e 75 73 21 3c 2f 70 3e 22 7d 2c 7b 22 43 6f 6e 74 72 6f 6c 49 64 22 3a 22 36 62 35 61 63 34 64 63 2d 38 66 64 30 2d 34 30 34 33 2d 62 64 30 61 2d 65 39 66 66 64 33 31 65 33 62 63 38 22 2c 22 43 6f 6e 74 65 6e 74 22 3a 22 22 7d 5d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: up your development: access this large library of high-quality components, from sophisticated grids and charts to buttons and menus!</p>"},{"ControlId":"6b5ac4dc-8fd0-4043-bd0a-e9ffd31e3bc8","Content":""}]


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  87192.168.2.74983452.252.156.534437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:59 UTC704OUTPOST /collect/v2/data-centers/76766c2b-82f4-2453-81e5-fd840f3b455b/datasources/TelerikCom/interactions HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: api.insight.sitefinity.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 996
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  content-type: application/json
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:59 UTC996OUTData Raw: 7b 22 4f 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 65 6c 65 72 69 6b 2e 63 6f 6d 2f 64 6f 77 6e 6c 6f 61 64 2f 66 69 64 64 6c 65 72 2f 66 69 72 73 74 2d 72 75 6e 22 2c 22 4f 4d 22 3a 7b 22 49 64 22 3a 22 35 63 65 62 34 62 65 31 2d 30 35 62 64 2d 34 63 36 39 2d 38 39 32 61 2d 32 63 32 62 62 64 33 37 35 33 38 62 22 2c 22 43 6f 6e 74 65 6e 74 54 79 70 65 22 3a 22 50 61 67 65 22 2c 22 54 69 74 6c 65 22 3a 22 46 69 72 73 74 20 72 75 6e 22 2c 22 43 61 6e 6f 6e 69 63 61 6c 54 69 74 6c 65 22 3a 22 46 69 72 73 74 20 72 75 6e 22 2c 22 44 65 66 61 75 6c 74 4c 61 6e 67 75 61 67 65 22 3a 22 65 6e 22 2c 22 43 72 65 61 74 65 64 4f 6e 22 3a 22 32 30 31 34 2d 30 31 2d 32 36 54 31 36 3a 34 31 3a 31 38 5a 22 2c 22 4d 6f 64 69 66 69 65 64 4f 6e 22 3a 22 32 30 32 32 2d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: {"O":"https://www.telerik.com/download/fiddler/first-run","OM":{"Id":"5ceb4be1-05bd-4c69-892a-2c2bbd37538b","ContentType":"Page","Title":"First run","CanonicalTitle":"First run","DefaultLanguage":"en","CreatedOn":"2014-01-26T16:41:18Z","ModifiedOn":"2022-
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:59 UTC1484INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:59 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Content-Length: 1
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, Authorization, x-dataintelligence-accountkey, x-dataintelligence-datacenterkey, x-dataintelligence-datasource, x-dataintelligence-sort, x-dataintelligence-skip, x-dataintelligence-take, x-dataintelligence-fields, x-dataintelligence-count, x-dataintelligence-filterby, x-dataintelligence-filter, x-dataintelligence-contains, x-dataintelligence-nextrowkey, x-dataintelligence-flush, x-dataintelligence-fromdate, x-dataintelligence-todate, x-dataintelligence-period, x-dataintelligence-scale, x-dataintelligence-predicate, x-dataintelligence-subject, x-dataintelligence-ids, x-dataintelligence-datasources, x-dataintelligence-imagecrop, x-dataintelligence-contacts, x-forwarded-for, x-dataintelligence-sdk-version, Referer, Origin, x-dataintelligence-clientid, x-dataintelligence-campaignids, x-dataintelligence-userid, x-dataintelligence-errorid, x-dataintelligence-correlationid, cf-connecting-ip, x-forwarded-for, http_x_forwarded_for, x-forwarded, x-cluster-client-ip, forwarded-for, forwarded, remote_addr, client-ip
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  ETag: W/"1-NWoZK3kTsExUV00Ywo1G5jlUKKs"
                                                                                                                                                                                                                                                                                                                                  request-context: appId=cid-v1:a33f2e3a-ec15-4d53-8ac6-897af884626b
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:59 UTC1INData Raw: 31
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 1


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  88192.168.2.74983552.252.156.534437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:59 UTC747OUTPOST /collect/v2/data-centers/76766c2b-82f4-2453-81e5-fd840f3b455b/datasources/TelerikCom/interactions HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: api.insight.sitefinity.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 927
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  x-dataintelligence-sdk-version: js-3.1.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:59 UTC927OUTData Raw: 7b 22 53 22 3a 22 31 37 31 33 39 31 34 39 38 39 34 36 39 2d 30 39 31 37 37 33 66 33 2d 39 30 30 61 2d 34 35 64 32 2d 62 65 30 38 2d 61 31 64 35 62 34 35 64 66 65 34 32 22 2c 22 50 22 3a 22 56 69 73 69 74 22 2c 22 4f 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 65 6c 65 72 69 6b 2e 63 6f 6d 2f 64 6f 77 6e 6c 6f 61 64 2f 66 69 64 64 6c 65 72 2f 66 69 72 73 74 2d 72 75 6e 22 2c 22 4f 4d 22 3a 7b 22 49 64 22 3a 22 35 63 65 62 34 62 65 31 2d 30 35 62 64 2d 34 63 36 39 2d 38 39 32 61 2d 32 63 32 62 62 64 33 37 35 33 38 62 22 2c 22 43 6f 6e 74 65 6e 74 54 79 70 65 22 3a 22 50 61 67 65 22 2c 22 54 69 74 6c 65 22 3a 22 46 69 72 73 74 20 72 75 6e 22 2c 22 43 61 6e 6f 6e 69 63 61 6c 54 69 74 6c 65 22 3a 22 46 69 72 73 74 20 72 75 6e 22 2c 22 44 65 66 61 75 6c 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: {"S":"1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42","P":"Visit","O":"https://www.telerik.com/download/fiddler/first-run","OM":{"Id":"5ceb4be1-05bd-4c69-892a-2c2bbd37538b","ContentType":"Page","Title":"First run","CanonicalTitle":"First run","Default
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:59 UTC1484INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:29:59 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Content-Length: 1
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, Authorization, x-dataintelligence-accountkey, x-dataintelligence-datacenterkey, x-dataintelligence-datasource, x-dataintelligence-sort, x-dataintelligence-skip, x-dataintelligence-take, x-dataintelligence-fields, x-dataintelligence-count, x-dataintelligence-filterby, x-dataintelligence-filter, x-dataintelligence-contains, x-dataintelligence-nextrowkey, x-dataintelligence-flush, x-dataintelligence-fromdate, x-dataintelligence-todate, x-dataintelligence-period, x-dataintelligence-scale, x-dataintelligence-predicate, x-dataintelligence-subject, x-dataintelligence-ids, x-dataintelligence-datasources, x-dataintelligence-imagecrop, x-dataintelligence-contacts, x-forwarded-for, x-dataintelligence-sdk-version, Referer, Origin, x-dataintelligence-clientid, x-dataintelligence-campaignids, x-dataintelligence-userid, x-dataintelligence-errorid, x-dataintelligence-correlationid, cf-connecting-ip, x-forwarded-for, http_x_forwarded_for, x-forwarded, x-cluster-client-ip, forwarded-for, forwarded, remote_addr, client-ip
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  ETag: W/"1-NWoZK3kTsExUV00Ywo1G5jlUKKs"
                                                                                                                                                                                                                                                                                                                                  request-context: appId=cid-v1:a33f2e3a-ec15-4d53-8ac6-897af884626b
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:29:59 UTC1INData Raw: 31
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 1


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  89192.168.2.749838142.250.141.1064437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC856OUTPOST /pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1853818599.1713914998&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&dma=0&npa=0&gtm=45je44m0v9167661709z8536291za200&auid=571138784.1713914988 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.google.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC859INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:00 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Content-Security-Policy: script-src 'none'; object-src 'none'
                                                                                                                                                                                                                                                                                                                                  Location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1853818599.1713914998&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&dma=0&npa=0&gtm=45je44m0v9167661709z8536291za200&auid=571138784.1713914988
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  90192.168.2.749836104.17.246.2034437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC542OUTGET /web-vitals/dist/web-vitals.iife.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: unpkg.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC548INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:00 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  access-control-allow-origin: *
                                                                                                                                                                                                                                                                                                                                  cache-control: public, s-maxage=600, max-age=60
                                                                                                                                                                                                                                                                                                                                  location: /web-vitals@3.5.2/dist/web-vitals.iife.js
                                                                                                                                                                                                                                                                                                                                  vary: Accept
                                                                                                                                                                                                                                                                                                                                  via: 1.1 fly.io
                                                                                                                                                                                                                                                                                                                                  fly-request-id: 01HW6M53VK5S24BKQXEM01HZ69-lax
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                  Age: 583
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  CF-RAY: 8791a3901d270ad1-LAS
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC69INData Raw: 33 66 0d 0a 46 6f 75 6e 64 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 2f 77 65 62 2d 76 69 74 61 6c 73 40 33 2e 35 2e 32 2f 64 69 73 74 2f 77 65 62 2d 76 69 74 61 6c 73 2e 69 69 66 65 2e 6a 73 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 3fFound. Redirecting to /web-vitals@3.5.2/dist/web-vitals.iife.js
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  91192.168.2.7498373.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC7324OUTGET /ct?id=37678&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&sf=0&tpi=&ch=Telerik&uvid=&tsf=0&tsfmi=&tsfu=&cb=1713914997517&hl=1&op=0&ag=300509663&rand=039280971260119758819251020028629021601221976155020279621809222752118268259696351250&fs=1034x870&fst=1034x870&np=win32&nv=google%20inc.&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ss=1280x1024&nc=0&at=&di=W1siZWYiLDk1XSxbImJuY2giLDldLFsiYWJuY2giLDldLFstNTksImRlZmF1bHQiXSxbLTUsIi0iXSxbLTE5LCJbMTAsMTAsMTAsMTAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCw5ODQsMTI4MCwxMDI0LDEwNTAsOTY0LDEwMzQsODcwLDAsMCwwLDAsXCItXCIsXCItXCIsMTAxNyw4NzBdIl0sWy00NCwiMCwwLDAsNSJdLFstMjIsIltcInJcIixcInJcIl0iXSxbLTU3LCJXRTBaZUV0TFdFQVhUMXdaRVZGTlRVbEtBeFlXWEV4V1d4ZEFUVTVXVVZWYVNCZE5YRlZjUzFCU0YxcFdWQlpLUVVrV1VCWUFEUWtKRFE0QURRc0pEUTVmQUY4SkRRRmRDMW9JWEFoZkQxc09BUTBBQ3hkVFNnTUlBdzhPQ3dnSUVBPT0iXSxbLTY0LCJbMCxcIldpbmRvd3NcIixbe1wiYlwiOlwiR29vZ2xlIENocm9tZVwiLFwidlwiOlwiMTE3XCJ9LHtcImJcIjpcIk5vdDtBPUJyYW5kXCIsXCJ2XCI6XCI4XCJ9LHtcImJcIjpcIkNocm9taXVtXCIsXCJ2XCI6XCIxMTdcIn1dXSJdLFstNCwiLSJdLFstMTgsIlswLDAsMCwxXSJdLFstMzcsIi0xMDktNjYtNzAtIl0sWy0xMCwiLSJdLFstMjQsIltdIl0sWy01OCwiLSJdLFstMTUsIi0iXSxbLTUwLCItIl0sWy02NiwiZ2VvbG9jYXRpb24sc3RvcmFnZWFjY2VzcyxnYW1lcGFkLGNoZWN0LG1pZGksZGlzcGxheWNhcHR1cmUsdXNiLGJyb3dzaW5ndG9waWNzLGxvY2FsZm9udHMscGljdHVyZWlucGljdHVyZSxqb2luYWRpbnRlcmVzdGdyb3VwLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LG90cGNyZWRlbnRpYWxzLGNodWFmb3JtZmFjdG9yLGVuY3J5cHRlZG1lZGlhLGNoc2F2ZWRhdGEsY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjaHVhd293NjQsc2hhcmVkc3RvcmFnZSxjaGRvd25saW5rLGNocHJlZmVyc2NvbG9yc2NoZW1lLHN5bmN4aHIsY2h1YW1vZGVsLHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGJsdWV0b290aCxpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LGNodWFmdWxsdmVyc2lvbixmdWxsc2NyZWVuLGNoZHByLHVubG9hZCxrZXlib2FyZG1hcCxjaHVhcGxhdGZvcm0sc2hhcmVkc3RvcmFnZXNlbGVjdHVybCxneXJvc2NvcGUsaW50ZXJlc3Rjb2hvcnQsd2luZG93cGxhY2VtZW50LGNodWFtb2JpbGUsY2h1YSxydW5hZGF1Y3Rpb24sbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxwcml2YXRlYWdncmVnYXRpb24sY2xpcGJvYXJkd3JpdGUsYXR0cmlidXRpb25yZXBvcnRpbmcsY2hkZXZpY2VtZW1vcnksbWljcm9waG9uZSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcIm9nOnRpdGxlXCIsXCJ0d2l0dGVyOnRpdGxlXCJdfSJdLFstMjMsIisiXSxbLTcsIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsNSx0cnVlLHRydWUsbnVsbCwwLHRydWUsdHJ1ZV0iXSxbLTQ1LCItIl0sWy0zMywiLSJdLFstNDcsIkV1cm9wZS9adXJpY2gsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00MSwiLSJdLFstMjAsIjkyNTgzNDQwNC4xNzEzOTE0OTg3Il0sWy0zMiwiLSJdLFstNDksIi0iXSxbLTEzLCItIl0sWy0yNywiWzQwMCwxLjUsMCxcIjNnXCIsbnVsbF0iXSxbLTY4LCItIl0sWy0xNiwiMCJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0xNCwiLSJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiZ29vZ2xlIGluYy4gKGdvb2dsZSlcIixcInJcIjpcImFuZ2xlIChnb29nbGUsIHZ1bGthbiAxLjMuMCAoc3dpZnRzaGFkZXIgZGV2aWNlIChzdWJ6ZXJvKSAoMHgwMDAwYzBkZSkpLCBzd2lmdHNoYWRlciBkcml2ZXIpXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjcsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbLTM4LCJpLC0xLC0xLDQsMCw5LDAsMCw0MjEsMTA4NiwtMSwwLDEyMjguNSwxMjI4LjUsMjMxNywyMzE3Il0sWy00NiwiMCJdLFstNTQsIntcImhcIjpbXCJfMFwiLFwiNDI4ODMxMjQ1N1wiLFwiXzNcIixcIjI4NzI4OTkzMjBcIl0sXCJkXCI6W10sXCJiXCI6W1wiXzBcIixcIjM5MDgxNzk3MTdcIixcIl8xXCIsXCIzOTA4MTc5NzE3XCJdLFwic1wiOjF9Il0sWy02NywiMjUzMjMxMjg4ODozMyJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstNTMsIjEwMCJdLFstNTUsIjEiXSxbLTM0LCItIl0sWy02NSwiLSJdLFstNjMsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MzY5MjY2NzEsXCJ1amhzXCI6MzA2MTQzMzEsXCJqaHNsXCI6MjE3MjY0OTQ3Mn0iXSxbLTQwLCIzMyJdLFstMSwiLSJdLFstMzUsIlsxNzEzOTE0OTk3NTA1LC0yXSJdLFstNTIsIi0iXSxbLTI1LCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstMTcsIjQiXSxbLTYyLCI4MCJdLFstNiwiLSJdLFstMjEsIi0iXSxbLTYxLCJ7XCJ3Z3NsXCI6XCIwO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMTAxMTEwMTEwMTEwMTEwMTAwMDAwMSJdLFstOCwiLSJdLFstMTIsIm51bGwiXSxbLTIsIjQsZDRIT1hWUFg3Zk5qTmIxS3U3Y1c5Z1RHODJ2UVZJNkFtOWd5RkFBaUhrVHlEQmZNbVhYaWlwaEVEb3hjYjBGakNZMEEzR051RGVKRmRaWGRveTVXMy81ODVxcGJVdzVjdFBmdiJdLFstMjksIi0iXSxbLTUxLCItIl0sWy05LCIrIl0sWy0zMSwiZmFsc2UiXSxbLTI4LCJlbi1VUyxlbiJdLFstNjAsIi0iXSxbImRkYiIsIjAsNCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMiwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDEsMCwwLDAsMCwxLDAsMCwwLDMsNCwwLDAsMCwwLDAsMCwwLDM0LDAiXSxbImNiIiwiMCwwLDAsMCwwLDAsMCwwLDAsMywwLDAsOCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMjgsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxNywxLDAsMCwwLDAsMCwxLDEsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=JFpDhY30Gl&pto=2367&ver=59&gac=925834404.1713914987&mei=&ap=&fe=0&duid=1.1713914987.ttMfVwhY9k56diVz&suid=1.1713914987.pGYyDePOB7d0lADU&tuid=1.1713914987.PKATXFFqPmhD391g&fbc=1.1713914994453.110516813&gtm=WyJwZXJzaXN0dXVpZCIsInRheF9sb2FkZWQiLCJlbHFRX2xvYWRlZCJd&it=28%2C1918%2C273&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=62ec671001c911ef89dd470cec5d38bd&spa=1&urid=0&ab=&sck=- HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _ga=GA1.1.925834404.1713914987; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _cq_pxg=3|594323327|975652292|event=conversion; _fbp=fb.1.1713914994453.110516813; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A55+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914997.50.0.0
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC244INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/javascript
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:00 GMT
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC935INData Raw: 31 30 62 62 0d 0a 74 79 70 65 6f 66 20 5f 5f 63 74 63 67 5f 63 74 5f 33 37 36 37 38 5f 65 78 65 63 20 3d 3d 3d 20 27 66 75 6e 63 74 69 6f 6e 27 20 26 26 20 5f 5f 63 74 63 67 5f 63 74 5f 33 37 36 37 38 5f 65 78 65 63 28 7b 22 74 63 22 3a 22 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 66 34 37 38 61 39 64 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 35 30 65 66 38 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 10bbtypeof __ctcg_ct_37678_exec === 'function' && __ctcg_ct_37678_exec({"tc":"37dfbd8ee84e00126bedce34ef478a9d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC2358INData Raw: 65 32 62 63 61 38 39 65 30 62 32 37 63 38 32 62 66 61 61 35 39 36 62 36 62 38 34 65 37 35 33 34 37 64 64 66 61 30 64 35 31 30 34 66 32 65 32 65 35 32 34 62 62 36 63 63 33 61 38 31 66 61 62 66 64 36 63 66 37 32 32 62 32 32 64 38 37 30 30 38 63 30 36 64 64 62 61 35 38 39 32 34 36 37 32 61 36 66 37 63 39 37 34 32 33 32 64 33 65 35 32 36 63 35 32 30 62 34 36 65 65 62 38 64 33 33 32 63 30 30 38 61 35 30 37 35 63 35 66 33 62 61 66 65 35 33 63 38 33 63 31 34 64 35 32 62 61 63 31 38 62 61 38 62 36 37 65 63 62 65 66 65 31 66 34 38 35 66 63 61 62 66 31 34 66 35 31 33 64 66 63 34 36 38 35 62 66 35 38 36 61 38 61 34 62 36 32 30 39 63 62 37 31 30 62 32 33 31 66 61 61 32 32 66 61 32 38 35 64 62 62 62 66 64 33 36 39 39 38 36 31 63 39 32 34 38 63 61 61 32 66 63 34 62 39
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e2bca89e0b27c82bfaa596b6b84e75347ddfa0d5104f2e2e524bb6cc3a81fabfd6cf722b22d87008c06ddba58924672a6f7c974232d3e526c520b46eeb8d332c008a5075c5f3bafe53c83c14d52bac18ba8b67ecbefe1f485fcabf14f513dfc4685bf586a8a4b6209cb710b231faa22fa285dbbbfd3699861c9248caa2fc4b9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC559INData Raw: 35 65 63 38 31 66 31 35 37 34 30 37 66 38 31 63 34 38 34 65 38 65 64 32 34 38 30 35 61 38 33 36 65 37 65 32 64 33 37 39 64 65 39 37 62 64 37 32 30 32 32 66 66 33 32 65 37 39 35 37 35 61 61 64 34 32 30 37 62 66 63 36 62 30 30 61 31 62 39 32 37 65 36 33 38 37 63 32 63 35 35 33 63 33 64 35 62 61 63 66 35 39 32 32 61 36 32 32 66 62 35 61 33 62 34 34 63 36 34 66 33 66 36 64 39 35 38 64 35 31 30 33 39 39 64 63 65 30 63 61 66 30 66 32 34 65 61 33 32 38 61 63 36 65 63 39 33 37 39 65 63 63 35 31 39 35 66 66 66 32 32 61 32 62 66 64 64 39 30 33 39 31 63 62 66 63 61 30 63 65 66 30 63 61 64 66 36 62 30 31 64 66 61 34 33 37 35 66 39 62 32 33 38 30 35 62 64 65 34 63 65 62 65 35 32 63 61 63 38 32 22 7d 2c 22 3c 73 63 72 69 70 74 3e 20 28 66 75 6e 63 74 69 6f 6e 28 77 2c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 5ec81f157407f81c484e8ed24805a836e7e2d379de97bd72022ff32e79575aad4207bfc6b00a1b927e6387c2c553c3d5bacf5922a622fb5a3b44c64f3f6d958d510399dce0caf0f24ea328ac6ec9379ecc5195fff22a2bfdd90391cbfca0cef0cadf6b01dfa4375f9b23805bde4cebe52cac82"},"<script> (function(w,
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC444INData Raw: 65 3d 6e 75 6c 6c 29 20 7d 2c 20 69 3d 64 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 74 29 5b 30 5d 2c 69 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 69 6e 73 65 72 74 42 65 66 6f 72 65 28 6e 2c 69 29 20 7d 29 20 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 2c 5c 22 73 63 72 69 70 74 5c 22 2c 5c 22 2f 2f 62 61 74 2e 62 69 6e 67 2e 63 6f 6d 2f 62 61 74 2e 6a 73 5c 22 2c 5c 22 75 65 74 71 5c 22 29 3b 20 3c 2f 73 63 72 69 70 74 3e 22 2c 7b 22 66 62 6b 22 3a 7b 22 61 75 64 22 3a 5b 7b 22 63 6c 69 65 6e 74 49 64 22 3a 22 31 34 34 34 30 39 33 32 35 32 35 30 32 32 32 36 22 2c 22 74 79 70 65 22 3a 22 66 61 63 65 62 6f 6f 6b 22 7d 5d 7d 2c 22 67 67 61 22 3a 7b 22 61 75 64 22 3a 5b 7b 22 69 64 22 3a 22 39 37 35 36 35 32 32 39 32 22 2c 22 6c 61 62
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e=null) }, i=d.getElementsByTagName(t)[0],i.parentNode.insertBefore(n,i) }) (window,document,\"script\",\"//bat.bing.com/bat.js\",\"uetq\"); </script>",{"fbk":{"aud":[{"clientId":"1444093252502226","type":"facebook"}]},"gga":{"aud":[{"id":"975652292","lab


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  92192.168.2.74982313.107.213.694437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC595OUTGET /tag/uet/223000243 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.clarity.ms
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: CLID=2a63f70e8ac245f79a80d75f53b3453d.20240423.20250423
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC379INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:00 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-javascript
                                                                                                                                                                                                                                                                                                                                  Content-Length: 896
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
                                                                                                                                                                                                                                                                                                                                  x-azure-ref: 20240423T233000Z-168bb8d798bdckn765t6bhwrfn00000001q000000001tg7c
                                                                                                                                                                                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC896INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 63 2c 6c 2c 61 2c 72 2c 69 2c 74 2c 79 29 7b 61 5b 63 5d 3d 61 5b 63 5d 7c 7c 66 75 6e 63 74 69 6f 6e 28 29 7b 28 61 5b 63 5d 2e 71 3d 61 5b 63 5d 2e 71 7c 7c 5b 5d 29 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 7d 3b 66 75 6e 63 74 69 6f 6e 20 73 79 6e 63 28 29 7b 28 6e 65 77 20 49 6d 61 67 65 29 2e 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 2e 63 6c 61 72 69 74 79 2e 6d 73 2f 63 2e 67 69 66 22 7d 22 63 6f 6d 70 6c 65 74 65 22 3d 3d 64 6f 63 75 6d 65 6e 74 2e 72 65 61 64 79 53 74 61 74 65 3f 73 79 6e 63 28 29 3a 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6c 6f 61 64 22 2c 73 79 6e 63 29 3b 61 5b 63 5d 28 22 6d 65 74 61 64 61 74 61 22 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 61 5b 63 5d 28 22
                                                                                                                                                                                                                                                                                                                                  Data Ascii: !function(c,l,a,r,i,t,y){a[c]=a[c]||function(){(a[c].q=a[c].q||[]).push(arguments)};function sync(){(new Image).src="https://c.clarity.ms/c.gif"}"complete"==document.readyState?sync():window.addEventListener("load",sync);a[c]("metadata",(function(){a[c]("


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  93192.168.2.74983913.226.225.314437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC552OUTGET /browser-perf.8417c6bba72228fa2e29.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: script.hotjar.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC718INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Content-Length: 5259
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Date: Wed, 24 Jan 2024 14:32:21 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  ETag: "fb9f7dae39619642ed5890e40763ef2e"
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Wed, 24 Jan 2024 14:31:37 GMT
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=2592000; includeSubDomains
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Robots-Tag: none
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 c806365ba43eabe769161a7b339ff968.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX50-C2
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: j97zlqxrZh3FnoLyDgfsEk1a8CIcyRkLXa-rQfr6FQHfJc-I-SJyhA==
                                                                                                                                                                                                                                                                                                                                  Age: 7808260
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC3198INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 65 28 74 29 7b 72 65 74 75 72 6e 20 65 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 22 73 79 6d 62 6f 6c 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 3f 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 79 70 65 6f 66 20 65 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 53 79 6d 62 6f 6c 26 26 65 21 3d 3d 53 79 6d 62 6f 6c 2e 70 72 6f 74 6f 74 79 70 65 3f 22 73 79 6d 62 6f 6c 22 3a 74 79 70 65 6f 66 20 65 7d 2c 65 28 74 29 7d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: !function(){"use strict";function e(t){return e="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},e(t)}
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC2061INData Raw: 3d 74 68 69 73 2c 72 3d 21 28 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 31 26 26 76 6f 69 64 20 30 21 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 31 5d 29 7c 7c 61 72 67 75 6d 65 6e 74 73 5b 31 5d 3b 72 3f 65 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 2e 6f 62 73 65 72 76 65 72 2e 6f 62 73 65 72 76 65 28 7b 74 79 70 65 3a 65 2c 62 75 66 66 65 72 65 64 3a 72 7d 29 7d 29 29 3a 74 68 69 73 2e 6f 62 73 65 72 76 65 72 2e 6f 62 73 65 72 76 65 28 7b 65 6e 74 72 79 54 79 70 65 73 3a 65 7d 29 7d 7d 2c 7b 6b 65 79 3a 22 73 74 6f 70 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 6f 62 73 65 72 76 65 72 2e 64 69 73 63 6f 6e 6e 65 63 74 28 29 7d 7d 2c 7b 6b 65 79 3a 22 67 65 74 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: =this,r=!(arguments.length>1&&void 0!==arguments[1])||arguments[1];r?e.forEach((function(e){t.observer.observe({type:e,buffered:r})})):this.observer.observe({entryTypes:e})}},{key:"stop",value:function(){this.observer.disconnect()}},{key:"get",value:funct


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  94192.168.2.749843142.251.2.1554437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC894OUTGET /pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1853818599.1713914998&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&dma=0&npa=0&gtm=45je44m0v9167661709z8536291za200&auid=571138784.1713914988 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: googleads.g.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC652INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Content-Security-Policy: script-src 'none'; object-src 'none'
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  95192.168.2.749842192.29.11.1424437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC845OUTGET /visitor/v200/svrGP?pps=3&siteid=1325&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref2=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tzo=-60&ms=36&optin=disabled HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: s1325.t.eloqua.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: ELOQUA=GUID=A19FC9146C534783A26EBA38F50B2A88; ELQSTATUS=OK
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC418INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-store
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow
                                                                                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:00 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-Length: 49
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC49INData Raw: 47 49 46 38 39 61 01 00 01 00 91 ff 00 ff ff ff 00 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 02 00 2c 00 00 00 00 01 00 01 00 00 02 02 54 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,T;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  96192.168.2.74984474.125.137.1564437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:00 UTC1496OUTGET /td/rul/975652292?random=1713914999207&cv=11&fst=1713914999207&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: td.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: iframe
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC646INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: none
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC609INData Raw: 31 31 66 34 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 6f 72 69 67 69 6e 2d 74 72 69 61 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 41 76 68 35 4e 79 30 58 45 46 43 79 51 37 2b 6f 4e 69 65 58 73 6b 55 72 71 59 38 65 64 55 7a 4c 35 2f 58 72 77 4b 6c 47 6a 41 52 51 48 57 34 54 46 52 4b 2b 6a 56 64 35 48 6e 44 49 70 59 32 30 6e 35 4f 4c 48 66 67 55 34 6b 75 37 78 34 38 4e 33 75 68 47 2f 41 30 41 41 41 42 78 65 79 4a 76 63 6d 6c 6e 61 57 34 69 4f 69 4a 6f 64 48 52 77 63 7a 6f 76 4c 32 52 76 64 57 4a 73 5a 57 4e 73 61 57 4e 72 4c 6d 35 6c 64 44 6f 30 4e 44 4d 69 4c 43 4a 6d 5a 57 46 30 64 58 4a 6c 49 6a 6f 69 55 48 4a 70 64 6d 46 6a 65 56 4e 68 62 6d 52 69 62 33 68 42 5a 48 4e 42 55 45 6c 7a 49 69 77 69 5a 58 68 77
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 11f4<html><head><meta http-equiv="origin-trial" content="Avh5Ny0XEFCyQ7+oNieXskUrqY8edUzL5/XrwKlGjARQHW4TFRK+jVd5HnDIpY20n5OLHfgU4ku7x48N3uhG/A0AAABxeyJvcmlnaW4iOiJodHRwczovL2RvdWJsZWNsaWNrLm5ldDo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhw
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1255INData Raw: 37 34 36 33 33 34 35 5c 75 30 30 32 36 74 61 67 5f 65 69 64 3d 34 34 38 30 35 36 35 32 22 2c 22 74 72 75 73 74 65 64 42 69 64 64 69 6e 67 53 69 67 6e 61 6c 73 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 62 74 73 22 2c 22 74 72 75 73 74 65 64 42 69 64 64 69 6e 67 53 69 67 6e 61 6c 73 4b 65 79 73 22 3a 5b 22 31 73 36 31 33 62 79 77 21 32 73 5a 6b 5f 52 65 51 21 33 73 41 41 70 74 44 56 37 69 4e 4f 71 4b 22 5d 2c 22 75 73 65 72 42 69 64 64 69 6e 67 53 69 67 6e 61 6c 73 22 3a 5b 5b 22 34 35 32 38 30 36 38 38 36 22 5d 2c 6e 75 6c 6c 2c 31 37 31 33 39 31 35 30 30 31 32 33 37 36 30 34 5d 2c 22 61 64 73 22 3a 5b 7b 22 72 65 6e 64 65 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 7463345\u0026tag_eid=44805652","trustedBiddingSignalsUrl":"https://td.doubleclick.net/td/bts","trustedBiddingSignalsKeys":["1s613byw!2sZk_ReQ!3sAAptDV7iNOqK"],"userBiddingSignals":[["452806886"],null,1713915001237604],"ads":[{"renderUrl":"https://tdsf.dou
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1255INData Raw: 61 74 3d 24 7b 41 44 5f 57 49 44 54 48 7d 78 24 7b 41 44 5f 48 45 49 47 48 54 7d 5c 75 30 30 32 36 72 64 73 3d 24 7b 52 45 4e 44 45 52 5f 44 41 54 41 7d 5c 75 30 30 32 36 73 65 61 74 3d 32 5c 75 30 30 32 36 72 70 5f 69 64 3d 31 6a 35 39 37 34 36 33 33 34 35 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 35 33 32 34 37 38 35 36 38 34 35 22 2c 22 36 39 37 34 32 36 33 39 35 33 33 32 22 2c 6e 75 6c 6c 2c 22 32 30 37 30 32 30 37 37 35 37 39 22 5d 2c 22 61 64 52 65 6e 64 65 72 49 64 22 3a 22 2d 71 78 6b 5f 70 64 79 5a 42 6f 22 7d 5d 2c 22 65 78 65 63 75 74 69 6f 6e 4d 6f 64 65 22 3a 22 67 72 6f 75 70 2d 62 79 2d 6f 72 69 67 69 6e 22 2c 22 62 69 64 64 69 6e 67 57 61 73 6d 48 65 6c 70 65 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 2e 64 6f 75 62 6c 65 63
                                                                                                                                                                                                                                                                                                                                  Data Ascii: at=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DATA}\u0026seat=2\u0026rp_id=1j597463345","metadata":["153247856845","697426395332",null,"20702077579"],"adRenderId":"-qxk_pdyZBo"}],"executionMode":"group-by-origin","biddingWasmHelperUrl":"https://td.doublec
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1255INData Raw: 36 39 37 34 31 30 39 35 31 30 35 31 5c 75 30 30 32 36 63 76 5f 69 64 3d 30 5c 75 30 30 32 36 66 6f 72 6d 61 74 3d 24 7b 41 44 5f 57 49 44 54 48 7d 78 24 7b 41 44 5f 48 45 49 47 48 54 7d 5c 75 30 30 32 36 72 64 73 3d 24 7b 52 45 4e 44 45 52 5f 44 41 54 41 7d 5c 75 30 30 32 36 73 65 61 74 3d 32 5c 75 30 30 32 36 72 70 5f 69 64 3d 31 6a 34 35 32 38 30 36 38 38 36 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 35 37 33 33 31 35 34 32 35 32 31 22 2c 22 36 39 37 34 31 30 39 35 31 30 35 31 22 2c 6e 75 6c 6c 2c 22 32 30 35 37 36 30 31 34 34 36 35 22 5d 2c 22 61 64 52 65 6e 64 65 72 49 64 22 3a 22 6d 51 6b 34 54 41 37 5f 6b 47 77 22 7d 2c 7b 22 72 65 6e 64 65 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 697410951051\u0026cv_id=0\u0026format=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DATA}\u0026seat=2\u0026rp_id=1j452806886","metadata":["157331542521","697410951051",null,"20576014465"],"adRenderId":"mQk4TA7_kGw"},{"renderUrl":"https://tdsf.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC230INData Raw: 74 72 69 62 75 74 65 73 29 3b 7d 7d 63 61 74 63 68 28 65 29 7b 6e 61 76 69 67 61 74 6f 72 2e 73 65 6e 64 42 65 61 63 6f 6e 28 60 68 74 74 70 73 3a 2f 2f 70 61 67 65 61 64 32 2e 67 6f 6f 67 6c 65 73 79 6e 64 69 63 61 74 69 6f 6e 2e 63 6f 6d 2f 70 61 67 65 61 64 2f 67 65 6e 5f 32 30 34 2f 3f 69 64 3d 74 75 72 74 6c 65 78 5f 6a 6f 69 6e 5f 69 67 26 74 78 5f 6a 69 67 3d 24 7b 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 69 29 29 7d 26 74 78 5f 6a 65 6d 3d 24 7b 65 2e 6d 65 73 73 61 67 65 7d 26 74 78 5f 6a 65 6e 3d 24 7b 65 2e 6e 61 6d 65 7d 60 29 3b 7d 7d 3c 2f 73 63 72 69 70 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: tributes);}}catch(e){navigator.sendBeacon(`https://pagead2.googlesyndication.com/pagead/gen_204/?id=turtlex_join_ig&tx_jig=${encodeURIComponent(JSON.stringify(i))}&tx_jem=${e.message}&tx_jen=${e.name}`);}}</script></body></html>
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  97192.168.2.74984613.107.213.694437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC597OUTGET /s/0.7.31/clarity.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.clarity.ms
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: CLID=2a63f70e8ac245f79a80d75f53b3453d.20240423.20250423
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC640INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript;charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Content-Length: 62389
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Mon, 22 Apr 2024 19:19:24 GMT
                                                                                                                                                                                                                                                                                                                                  ETag: "0x8DC63011F10BC93"
                                                                                                                                                                                                                                                                                                                                  x-ms-request-id: 3fd7b849-101e-0065-7109-95809f000000
                                                                                                                                                                                                                                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  x-azure-ref: 20240423T233001Z-168bb8d798b22pnzt0dbur5w6s00000000hg00000000bxfk
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=86400
                                                                                                                                                                                                                                                                                                                                  x-fd-int-roxy-purgeid: 51562430
                                                                                                                                                                                                                                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                  X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC15744INData Raw: 2f 2a 20 63 6c 61 72 69 74 79 2d 6a 73 20 76 30 2e 37 2e 33 31 3a 20 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 6d 69 63 72 6f 73 6f 66 74 2f 63 6c 61 72 69 74 79 20 28 4c 69 63 65 6e 73 65 3a 20 4d 49 54 29 20 2a 2f 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 74 3d 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 28 7b 5f 5f 70 72 6f 74 6f 5f 5f 3a 6e 75 6c 6c 2c 67 65 74 20 71 75 65 75 65 28 29 7b 72 65 74 75 72 6e 20 55 61 7d 2c 67 65 74 20 73 74 61 72 74 28 29 7b 72 65 74 75 72 6e 20 71 61 7d 2c 67 65 74 20 73 74 6f 70 28 29 7b 72 65 74 75 72 6e 20 46 61 7d 2c 67 65 74 20 74 72 61 63 6b 28 29 7b 72 65 74 75 72 6e 20 48 61 7d 7d 29 2c 65 3d 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 28 7b 5f 5f 70 72 6f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: /* clarity-js v0.7.31: https://github.com/microsoft/clarity (License: MIT) */!function(){"use strict";var t=Object.freeze({__proto__:null,get queue(){return Ua},get start(){return qa},get stop(){return Fa},get track(){return Ha}}),e=Object.freeze({__pro
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC16384INData Raw: 2c 6f 3d 61 2e 61 74 74 72 69 62 75 74 65 73 7c 7c 7b 7d 2c 75 3d 61 2e 74 61 67 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 3b 73 77 69 74 63 68 28 21 30 29 7b 63 61 73 65 20 50 74 2e 69 6e 64 65 78 4f 66 28 75 29 3e 3d 30 3a 76 61 72 20 63 3d 6f 2e 74 79 70 65 2c 73 3d 22 22 3b 4f 62 6a 65 63 74 2e 6b 65 79 73 28 6f 29 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 73 2b 3d 6f 5b 74 5d 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 29 29 3b 76 61 72 20 6c 3d 7a 74 2e 73 6f 6d 65 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 73 2e 69 6e 64 65 78 4f 66 28 74 29 3e 3d 30 7d 29 29 3b 72 2e 70 72 69 76 61 63 79 3d 22 49 4e 50 55 54 22 3d 3d 3d 75 26 26 48 74 2e 69 6e 64 65 78 4f 66 28 63 29 3e 3d 30 3f 69
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ,o=a.attributes||{},u=a.tag.toUpperCase();switch(!0){case Pt.indexOf(u)>=0:var c=o.type,s="";Object.keys(o).forEach((function(t){return s+=o[t].toLowerCase()}));var l=zt.some((function(t){return s.indexOf(t)>=0}));r.privacy="INPUT"===u&&Ht.indexOf(c)>=0?i
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC16384INData Raw: 3e 3d 30 7c 7c 72 2e 69 6e 64 65 78 4f 66 28 22 70 6f 73 74 69 6e 67 22 29 3e 3d 30 3f 22 61 72 74 69 63 6c 65 22 3a 72 29 7b 63 61 73 65 22 61 72 74 69 63 6c 65 22 3a 63 61 73 65 22 72 65 63 69 70 65 22 3a 49 72 28 35 2c 74 5b 61 5d 29 2c 49 72 28 38 2c 74 2e 63 72 65 61 74 6f 72 29 2c 49 72 28 31 38 2c 74 2e 68 65 61 64 6c 69 6e 65 29 3b 62 72 65 61 6b 3b 63 61 73 65 22 70 72 6f 64 75 63 74 22 3a 49 72 28 35 2c 74 5b 61 5d 29 2c 49 72 28 31 30 2c 74 2e 6e 61 6d 65 29 2c 49 72 28 31 32 2c 74 2e 73 6b 75 29 2c 74 2e 62 72 61 6e 64 26 26 49 72 28 36 2c 74 2e 62 72 61 6e 64 2e 6e 61 6d 65 29 3b 62 72 65 61 6b 3b 63 61 73 65 22 61 67 67 72 65 67 61 74 65 72 61 74 69 6e 67 22 3a 74 2e 72 61 74 69 6e 67 56 61 6c 75 65 26 26 28 57 28 31 31 2c 72 61 28 74 2e 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: >=0||r.indexOf("posting")>=0?"article":r){case"article":case"recipe":Ir(5,t[a]),Ir(8,t.creator),Ir(18,t.headline);break;case"product":Ir(5,t[a]),Ir(10,t.name),Ir(12,t.sku),t.brand&&Ir(6,t.brand.name);break;case"aggregaterating":t.ratingValue&&(W(11,ra(t.r
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC13877INData Raw: 61 74 61 2e 61 63 74 69 76 69 74 79 54 69 6d 65 29 2c 65 2e 70 75 73 68 28 6e 2e 64 61 74 61 2e 73 63 72 6f 6c 6c 54 69 6d 65 29 2c 55 61 28 65 2c 21 31 29 29 2c 78 28 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 32 35 3a 65 2e 70 75 73 68 28 52 2e 67 61 70 29 2c 55 61 28 65 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 33 35 3a 65 2e 70 75 73 68 28 61 72 2e 63 68 65 63 6b 29 2c 55 61 28 65 2c 21 31 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 33 3a 65 2e 70 75 73 68 28 74 74 2e 6b 65 79 29 2c 55 61 28 65 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 32 3a 65 2e 70 75 73 68 28 48 61 2e 73 65 71 75 65 6e 63 65 29 2c 65 2e 70 75 73 68 28 48 61 2e 61 74 74 65 6d 70 74 73 29 2c 65 2e 70 75 73 68 28 48 61 2e 73 74 61 74 75 73 29 2c 55 61 28 65 2c 21 31 29 3b 62 72 65 61 6b 3b 63 61 73
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ata.activityTime),e.push(n.data.scrollTime),Ua(e,!1)),x();break;case 25:e.push(R.gap),Ua(e);break;case 35:e.push(ar.check),Ua(e,!1);break;case 3:e.push(tt.key),Ua(e);break;case 2:e.push(Ha.sequence),e.push(Ha.attempts),e.push(Ha.status),Ua(e,!1);break;cas


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  98192.168.2.749848104.19.177.524437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC427OUTGET /consent/3dfce4f2-dab6-4128-9f33-df7e0597da82/3dfce4f2-dab6-4128-9f33-df7e0597da82.json HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC890INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-javascript
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  CF-Ray: 8791a398dc8f0acf-LAS
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=86400
                                                                                                                                                                                                                                                                                                                                  Expires: Wed, 24 Apr 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Thu, 11 Apr 2024 13:50:46 GMT
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                  Content-MD5: sAZNi3VzA3Nlloh5BZ+ycA==
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                  x-ms-request-id: 1abfa045-601e-0029-5717-8c07f7000000
                                                                                                                                                                                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC479INData Raw: 31 32 66 32 0d 0a 7b 22 43 6f 6f 6b 69 65 53 50 41 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 43 6f 6f 6b 69 65 53 61 6d 65 53 69 74 65 4e 6f 6e 65 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 43 6f 6f 6b 69 65 56 32 43 53 50 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 4d 75 6c 74 69 56 61 72 69 61 6e 74 54 65 73 74 69 6e 67 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 55 73 65 56 32 22 3a 74 72 75 65 2c 22 4d 6f 62 69 6c 65 53 44 4b 22 3a 66 61 6c 73 65 2c 22 53 6b 69 70 47 65 6f 6c 6f 63 61 74 69 6f 6e 22 3a 66 61 6c 73 65 2c 22 53 63 72 69 70 74 54 79 70 65 22 3a 22 50 52 4f 44 55 43 54 49 4f 4e 22 2c 22 56 65 72 73 69 6f 6e 22 3a 22 32 30 32 34 30 31 2e 32 2e 30 22 2c 22 4f 70 74 61 6e 6f 6e 44 61 74 61 4a 53 4f 4e 22 3a 22 33 64 66 63
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 12f2{"CookieSPAEnabled":false,"CookieSameSiteNoneEnabled":false,"CookieV2CSPEnabled":false,"MultiVariantTestingEnabled":false,"UseV2":true,"MobileSDK":false,"SkipGeolocation":false,"ScriptType":"PRODUCTION","Version":"202401.2.0","OptanonDataJSON":"3dfc
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 33 34 39 35 38 35 35 2d 66 66 63 33 2d 34 65 36 38 2d 38 31 31 62 2d 62 35 64 38 32 30 31 61 63 35 33 63 22 2c 22 4e 61 6d 65 22 3a 22 43 61 6c 69 66 6f 72 6e 69 61 22 2c 22 43 6f 75 6e 74 72 69 65 73 22 3a 5b 5d 2c 22 53 74 61 74 65 73 22 3a 7b 22 75 73 22 3a 5b 22 63 61 22 5d 7d 2c 22 4c 61 6e 67 75 61 67 65 53 77 69 74 63 68 65 72 50 6c 61 63 65 68 6f 6c 64 65 72 22 3a 7b 22 64 65 66 61 75 6c 74 22 3a 22 65 6e 22 7d 2c 22 42 61 6e 6e 65 72 50 75 73 68 65 73 44 6f 77 6e 22 3a 66 61 6c 73 65 2c 22 44 65 66 61 75 6c 74 22 3a 66 61 6c 73 65 2c 22 47 6c 6f 62 61 6c 22 3a 66 61 6c 73 65 2c 22 54 79 70 65 22 3a 22 47 44 50 52 22 2c 22 55 73 65 47 6f 6f 67 6c 65 56 65 6e 64 6f 72 73 22 3a 66 61 6c 73 65 2c 22 56 61 72 69 61 6e 74 45 6e 61 62 6c 65 64 22 3a 66
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 3495855-ffc3-4e68-811b-b5d8201ac53c","Name":"California","Countries":[],"States":{"us":["ca"]},"LanguageSwitcherPlaceholder":{"default":"en"},"BannerPushesDown":false,"Default":false,"Global":false,"Type":"GDPR","UseGoogleVendors":false,"VariantEnabled":f
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 79 22 2c 22 62 7a 22 2c 22 73 6c 22 2c 22 73 6e 22 2c 22 73 6f 22 2c 22 63 61 22 2c 22 73 72 22 2c 22 73 73 22 2c 22 63 63 22 2c 22 73 74 22 2c 22 63 64 22 2c 22 73 76 22 2c 22 63 66 22 2c 22 63 67 22 2c 22 73 78 22 2c 22 63 69 22 2c 22 73 79 22 2c 22 73 7a 22 2c 22 63 6b 22 2c 22 63 6c 22 2c 22 63 6d 22 2c 22 63 6e 22 2c 22 63 6f 22 2c 22 63 72 22 2c 22 74 63 22 2c 22 74 64 22 2c 22 63 75 22 2c 22 74 66 22 2c 22 63 76 22 2c 22 74 67 22 2c 22 74 68 22 2c 22 63 77 22 2c 22 63 78 22 2c 22 74 6a 22 2c 22 74 6b 22 2c 22 74 6c 22 2c 22 74 6d 22 2c 22 74 6e 22 2c 22 74 6f 22 2c 22 74 72 22 2c 22 74 74 22 2c 22 74 76 22 2c 22 74 77 22 2c 22 64 6a 22 2c 22 74 7a 22 2c 22 64 6d 22 2c 22 64 6f 22 2c 22 75 61 22 2c 22 75 67 22 2c 22 64 7a 22 2c 22 75 6d 22 2c 22 75
                                                                                                                                                                                                                                                                                                                                  Data Ascii: y","bz","sl","sn","so","ca","sr","ss","cc","st","cd","sv","cf","cg","sx","ci","sy","sz","ck","cl","cm","cn","co","cr","tc","td","cu","tf","cv","tg","th","cw","cx","tj","tk","tl","tm","tn","to","tr","tt","tv","tw","dj","tz","dm","do","ua","ug","dz","um","u
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 72 4c 69 73 74 56 65 72 73 69 6f 6e 22 3a 30 2c 22 6d 61 78 56 65 6e 64 6f 72 49 64 22 3a 30 2c 22 65 6e 63 6f 64 69 6e 67 54 79 70 65 22 3a 22 30 22 2c 22 67 6c 6f 62 61 6c 56 65 6e 64 6f 72 4c 69 73 74 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 63 6f 6f 6b 69 65 6c 61 77 2e 6f 72 67 2f 76 65 6e 64 6f 72 6c 69 73 74 2f 69 61 62 44 61 74 61 2e 6a 73 6f 6e 22 7d 2c 22 49 61 62 56 32 44 61 74 61 22 3a 7b 22 63 6f 6f 6b 69 65 56 65 72 73 69 6f 6e 22 3a 22 31 22 2c 22 63 72 65 61 74 65 64 54 69 6d 65 22 3a 22 32 30 32 34 2d 30 34 2d 31 31 54 31 33 3a 35 30 3a 34 36 2e 31 32 31 37 39 32 38 30 32 22 2c 22 75 70 64 61 74 65 64 54 69 6d 65 22 3a 22 32 30 32 34 2d 30 34 2d 31 31 54 31 33 3a 35 30 3a 34 36 2e 31 32 31 37 39 37 36 38 32 22 2c 22 63 6d 70
                                                                                                                                                                                                                                                                                                                                  Data Ascii: rListVersion":0,"maxVendorId":0,"encodingType":"0","globalVendorListUrl":"https://cdn.cookielaw.org/vendorlist/iabData.json"},"IabV2Data":{"cookieVersion":"1","createdTime":"2024-04-11T13:50:46.121792802","updatedTime":"2024-04-11T13:50:46.121797682","cmp
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC272INData Raw: 3a 22 61 70 70 2d 70 72 6f 64 22 2c 22 52 65 6d 6f 74 65 41 63 74 69 6f 6e 73 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 47 65 6f 52 75 6c 65 47 72 6f 75 70 4e 61 6d 65 22 3a 22 54 65 6c 65 72 69 6b 2e 43 6f 6d 20 43 6f 6e 73 65 6e 74 20 50 6f 6c 69 63 79 22 2c 22 47 41 54 72 61 63 6b 54 6f 67 67 6c 65 22 3a 74 72 75 65 2c 22 47 41 54 72 61 63 6b 41 73 73 69 67 6e 65 64 43 61 74 65 67 6f 72 79 22 3a 22 41 53 22 2c 22 57 65 62 46 6f 72 6d 49 6e 74 65 67 72 61 74 69 6f 6e 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 57 65 62 46 6f 72 6d 53 72 63 55 72 6c 22 3a 22 22 2c 22 57 65 62 46 6f 72 6d 57 6f 72 6b 65 72 55 72 6c 22 3a 22 22 2c 22 47 70 70 44 61 74 61 22 3a 7b 22 63 6d 70 49 64 22 3a 22 32 38 22 7d 2c 22 41 75 74 68 65 6e 74 69 63 61 74 65 64
                                                                                                                                                                                                                                                                                                                                  Data Ascii: :"app-prod","RemoteActionsEnabled":false,"GeoRuleGroupName":"Telerik.Com Consent Policy","GATrackToggle":true,"GATrackAssignedCategory":"AS","WebFormIntegrationEnabled":false,"WebFormSrcUrl":"","WebFormWorkerUrl":"","GppData":{"cmpId":"28"},"Authenticated
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  99192.168.2.749849104.19.177.524437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC430OUTGET /consent/3dfce4f2-dab6-4128-9f33-df7e0597da82/8b69118b-3606-49f3-8c41-2718141b484d/en.json HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC890INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-javascript
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  CF-Ray: 8791a398dd0809f7-LAS
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=86400
                                                                                                                                                                                                                                                                                                                                  Expires: Wed, 24 Apr 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Thu, 11 Apr 2024 13:50:54 GMT
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                  Content-MD5: HGPA6AyDGbQM8tIA/CTFKw==
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                  x-ms-request-id: 59c560bb-d01e-0003-6517-8cd8e7000000
                                                                                                                                                                                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC479INData Raw: 37 63 32 37 0d 0a 7b 22 44 6f 6d 61 69 6e 44 61 74 61 22 3a 7b 22 70 63 63 6c 6f 73 65 42 75 74 74 6f 6e 54 79 70 65 22 3a 22 49 63 6f 6e 22 2c 22 70 63 6c 69 66 65 53 70 61 6e 59 72 22 3a 22 59 65 61 72 22 2c 22 70 63 6c 69 66 65 53 70 61 6e 59 72 73 22 3a 22 59 65 61 72 73 22 2c 22 70 63 6c 69 66 65 53 70 61 6e 53 65 63 73 22 3a 22 41 20 66 65 77 20 73 65 63 6f 6e 64 73 22 2c 22 70 63 6c 69 66 65 53 70 61 6e 57 6b 22 3a 22 57 65 65 6b 22 2c 22 70 63 6c 69 66 65 53 70 61 6e 57 6b 73 22 3a 22 57 65 65 6b 73 22 2c 22 70 63 63 6f 6e 74 69 6e 75 65 57 69 74 68 6f 75 74 41 63 63 65 70 74 54 65 78 74 22 3a 22 43 6f 6e 74 69 6e 75 65 20 77 69 74 68 6f 75 74 20 41 63 63 65 70 74 69 6e 67 22 2c 22 4d 61 69 6e 54 65 78 74 22 3a 22 50 72 69 76 61 63 79 20 50 72 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 7c27{"DomainData":{"pccloseButtonType":"Icon","pclifeSpanYr":"Year","pclifeSpanYrs":"Years","pclifeSpanSecs":"A few seconds","pclifeSpanWk":"Week","pclifeSpanWks":"Weeks","pccontinueWithoutAcceptText":"Continue without Accepting","MainText":"Privacy Pre
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC1369INData Raw: 73 74 6c 79 20 75 73 65 64 20 74 6f 20 6d 61 6b 65 20 74 68 65 20 73 69 74 65 20 77 6f 72 6b 20 61 73 20 79 6f 75 20 65 78 70 65 63 74 20 69 74 20 74 6f 2e 20 54 68 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 64 6f 65 73 20 6e 6f 74 20 75 73 75 61 6c 6c 79 20 64 69 72 65 63 74 6c 79 20 69 64 65 6e 74 69 66 79 20 79 6f 75 2c 20 62 75 74 20 69 74 20 63 61 6e 20 67 69 76 65 20 79 6f 75 20 61 20 6d 6f 72 65 20 70 65 72 73 6f 6e 61 6c 69 73 65 64 20 77 65 62 20 65 78 70 65 72 69 65 6e 63 65 2e 5c 6e 5c 6e 42 65 63 61 75 73 65 20 77 65 20 72 65 73 70 65 63 74 20 79 6f 75 72 20 72 69 67 68 74 20 74 6f 20 70 72 69 76 61 63 79 2c 20 79 6f 75 20 63 61 6e 20 63 68 6f 6f 73 65 20 6e 6f 74 20 74 6f 20 61 6c 6c 6f 77 20 73 6f 6d 65 20 74 79 70 65 73 20 6f 66 20 63 6f 6f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: stly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalised web experience.\n\nBecause we respect your right to privacy, you can choose not to allow some types of coo
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC1369INData Raw: 74 6f 20 63 75 73 74 6f 6d 69 7a 65 20 68 6f 77 20 74 68 65 20 73 69 74 65 20 75 73 65 73 20 63 6f 6f 6b 69 65 73 20 66 6f 72 20 79 6f 75 2e 22 2c 22 41 6c 65 72 74 43 6c 6f 73 65 54 65 78 74 22 3a 22 43 6c 6f 73 65 22 2c 22 41 6c 65 72 74 4d 6f 72 65 49 6e 66 6f 54 65 78 74 22 3a 22 43 6f 6f 6b 69 65 73 20 53 65 74 74 69 6e 67 73 22 2c 22 43 6f 6f 6b 69 65 53 65 74 74 69 6e 67 42 75 74 74 6f 6e 54 65 78 74 22 3a 22 43 6f 6f 6b 69 65 73 20 53 65 74 74 69 6e 67 73 22 2c 22 41 6c 65 72 74 41 6c 6c 6f 77 43 6f 6f 6b 69 65 73 54 65 78 74 22 3a 22 41 63 63 65 70 74 20 43 6f 6f 6b 69 65 73 22 2c 22 43 6c 6f 73 65 53 68 6f 75 6c 64 41 63 63 65 70 74 41 6c 6c 43 6f 6f 6b 69 65 73 22 3a 66 61 6c 73 65 2c 22 4c 61 73 74 52 65 63 6f 6e 73 65 6e 74 44 61 74 65 22 3a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: to customize how the site uses cookies for you.","AlertCloseText":"Close","AlertMoreInfoText":"Cookies Settings","CookieSettingButtonText":"Cookies Settings","AlertAllowCookiesText":"Accept Cookies","CloseShouldAcceptAllCookies":false,"LastReconsentDate":
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC1369INData Raw: 63 69 66 69 63 61 6c 6c 79 2c 20 77 65 20 75 73 65 20 63 6f 6f 6b 69 65 73 20 61 6e 64 20 6f 74 68 65 72 20 74 72 61 63 6b 69 6e 67 20 74 65 63 68 6e 6f 6c 6f 67 69 65 73 20 66 6f 72 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 20 70 75 72 70 6f 73 65 73 3a 22 2c 22 47 72 6f 75 70 73 22 3a 5b 7b 22 53 68 6f 77 49 6e 50 6f 70 75 70 22 3a 74 72 75 65 2c 22 53 68 6f 77 49 6e 50 6f 70 75 70 4e 6f 6e 49 41 42 22 3a 74 72 75 65 2c 22 53 68 6f 77 53 44 4b 4c 69 73 74 4c 69 6e 6b 22 3a 74 72 75 65 2c 22 4f 72 64 65 72 22 3a 22 31 22 2c 22 4f 70 74 61 6e 6f 6e 47 72 6f 75 70 49 64 22 3a 22 31 22 2c 22 50 61 72 65 6e 74 22 3a 22 22 2c 22 53 68 6f 77 53 75 62 67 72 6f 75 70 22 3a 74 72 75 65 2c 22 53 68 6f 77 53 75 62 47 72 6f 75 70 44 65 73 63 72 69 70 74 69 6f 6e 22
                                                                                                                                                                                                                                                                                                                                  Data Ascii: cifically, we use cookies and other tracking technologies for the following purposes:","Groups":[{"ShowInPopup":true,"ShowInPopupNonIAB":true,"ShowSDKListLink":true,"Order":"1","OptanonGroupId":"1","Parent":"","ShowSubgroup":true,"ShowSubGroupDescription"
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC1369INData Raw: 20 4e 65 63 65 73 73 61 72 79 20 43 6f 6f 6b 69 65 73 22 2c 22 49 73 49 61 62 50 75 72 70 6f 73 65 22 3a 66 61 6c 73 65 2c 22 47 65 6e 65 72 61 6c 56 65 6e 64 6f 72 73 49 64 73 22 3a 5b 5d 2c 22 46 69 72 73 74 50 61 72 74 79 43 6f 6f 6b 69 65 73 22 3a 5b 7b 22 69 64 22 3a 22 37 62 36 34 64 36 32 32 2d 64 65 31 34 2d 34 30 33 36 2d 38 64 35 36 2d 39 37 65 34 34 66 62 33 36 65 37 39 22 2c 22 4e 61 6d 65 22 3a 22 2e 41 73 70 4e 65 74 43 6f 72 65 2e 22 2c 22 48 6f 73 74 22 3a 22 64 65 6d 6f 73 2e 74 65 6c 65 72 69 6b 2e 63 6f 6d 22 2c 22 49 73 53 65 73 73 69 6f 6e 22 3a 74 72 75 65 2c 22 4c 65 6e 67 74 68 22 3a 22 30 22 2c 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 22 2e 41 73 70 4e 65 74 43 6f 72 65 2e 22 2c 22 44 75 72 61 74 69 6f 6e 54 79 70 65 22 3a 31 2c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: Necessary Cookies","IsIabPurpose":false,"GeneralVendorsIds":[],"FirstPartyCookies":[{"id":"7b64d622-de14-4036-8d56-97e44fb36e79","Name":".AspNetCore.","Host":"demos.telerik.com","IsSession":true,"Length":"0","description":".AspNetCore.","DurationType":1,
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC1369INData Raw: 6f 6e 20 63 6c 6f 73 69 6e 67 20 74 68 65 20 62 72 6f 77 73 65 72 2e 22 2c 22 44 75 72 61 74 69 6f 6e 54 79 70 65 22 3a 31 2c 22 63 61 74 65 67 6f 72 79 22 3a 6e 75 6c 6c 2c 22 69 73 54 68 69 72 64 50 61 72 74 79 22 3a 66 61 6c 73 65 7d 2c 7b 22 69 64 22 3a 22 36 38 31 35 32 33 34 61 2d 33 64 38 34 2d 34 32 62 34 2d 61 31 38 62 2d 61 63 65 30 64 34 36 32 63 32 62 37 22 2c 22 4e 61 6d 65 22 3a 22 5f 5f 52 65 71 75 65 73 74 56 65 72 69 66 69 63 61 74 69 6f 6e 54 6f 6b 65 6e 5f 22 2c 22 48 6f 73 74 22 3a 22 64 65 6d 6f 73 2e 74 65 6c 65 72 69 6b 2e 63 6f 6d 22 2c 22 49 73 53 65 73 73 69 6f 6e 22 3a 74 72 75 65 2c 22 4c 65 6e 67 74 68 22 3a 22 30 22 2c 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 22 54 68 69 73 20 69 73 20 61 6e 20 61 6e 74 69 2d 66 6f 72 67 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: on closing the browser.","DurationType":1,"category":null,"isThirdParty":false},{"id":"6815234a-3d84-42b4-a18b-ace0d462c2b7","Name":"__RequestVerificationToken_","Host":"demos.telerik.com","IsSession":true,"Length":"0","description":"This is an anti-forge
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC1369INData Raw: 33 65 66 62 65 35 62 63 39 22 2c 22 4e 61 6d 65 22 3a 22 5f 63 71 5f 64 75 69 64 22 2c 22 48 6f 73 74 22 3a 22 74 65 6c 65 72 69 6b 2e 63 6f 6d 22 2c 22 49 73 53 65 73 73 69 6f 6e 22 3a 66 61 6c 73 65 2c 22 4c 65 6e 67 74 68 22 3a 22 39 31 22 2c 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 22 22 2c 22 44 75 72 61 74 69 6f 6e 54 79 70 65 22 3a 31 2c 22 63 61 74 65 67 6f 72 79 22 3a 6e 75 6c 6c 2c 22 69 73 54 68 69 72 64 50 61 72 74 79 22 3a 66 61 6c 73 65 7d 2c 7b 22 69 64 22 3a 22 39 39 64 63 66 66 38 62 2d 39 38 33 32 2d 34 35 32 62 2d 62 36 62 34 2d 37 35 61 64 34 35 34 37 39 34 64 30 22 2c 22 4e 61 6d 65 22 3a 22 5f 63 71 5f 70 78 67 22 2c 22 48 6f 73 74 22 3a 22 74 65 6c 65 72 69 6b 2e 63 6f 6d 22 2c 22 49 73 53 65 73 73 69 6f 6e 22 3a 66 61 6c 73 65 2c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 3efbe5bc9","Name":"_cq_duid","Host":"telerik.com","IsSession":false,"Length":"91","description":"","DurationType":1,"category":null,"isThirdParty":false},{"id":"99dcff8b-9832-452b-b6b4-75ad454794d0","Name":"_cq_pxg","Host":"telerik.com","IsSession":false,
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC1369INData Raw: 72 65 20 63 6c 6f 75 64 20 70 6c 61 74 66 6f 72 6d 2e 20 54 68 69 73 20 69 73 20 61 20 75 6e 69 71 75 65 20 75 73 65 72 20 69 64 65 6e 74 69 66 69 65 72 20 63 6f 6f 6b 69 65 20 65 6e 61 62 6c 69 6e 67 20 63 6f 75 6e 74 69 6e 67 20 6f 66 20 74 68 65 20 6e 75 6d 62 65 72 20 6f 66 20 75 73 65 72 73 20 61 63 63 65 73 73 69 6e 67 20 74 68 65 20 61 70 70 6c 69 63 61 74 69 6f 6e 20 6f 76 65 72 20 74 69 6d 65 2e 75 73 65 72 22 2c 22 44 75 72 61 74 69 6f 6e 54 79 70 65 22 3a 31 2c 22 63 61 74 65 67 6f 72 79 22 3a 6e 75 6c 6c 2c 22 69 73 54 68 69 72 64 50 61 72 74 79 22 3a 66 61 6c 73 65 7d 2c 7b 22 69 64 22 3a 22 33 38 33 31 35 33 34 35 2d 35 38 37 61 2d 34 32 32 34 2d 39 33 30 62 2d 30 35 66 32 31 35 61 39 35 35 35 31 22 2c 22 4e 61 6d 65 22 3a 22 41 53 50 2e 4e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: re cloud platform. This is a unique user identifier cookie enabling counting of the number of users accessing the application over time.user","DurationType":1,"category":null,"isThirdParty":false},{"id":"38315345-587a-4224-930b-05f215a95551","Name":"ASP.N
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC1369INData Raw: 33 30 35 33 38 22 2c 22 4e 61 6d 65 22 3a 22 41 57 53 41 4c 42 43 4f 52 53 22 2c 22 48 6f 73 74 22 3a 22 6c 65 61 72 6e 2e 74 65 6c 65 72 69 6b 2e 63 6f 6d 22 2c 22 49 73 53 65 73 73 69 6f 6e 22 3a 66 61 6c 73 65 2c 22 4c 65 6e 67 74 68 22 3a 22 37 22 2c 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 22 54 68 69 73 20 63 6f 6f 6b 69 65 20 69 73 20 6d 61 6e 61 67 65 64 20 62 79 20 41 57 53 20 61 6e 64 20 69 73 20 75 73 65 64 20 66 6f 72 20 6c 6f 61 64 20 62 61 6c 61 6e 63 69 6e 67 2e 22 2c 22 44 75 72 61 74 69 6f 6e 54 79 70 65 22 3a 31 2c 22 63 61 74 65 67 6f 72 79 22 3a 6e 75 6c 6c 2c 22 69 73 54 68 69 72 64 50 61 72 74 79 22 3a 66 61 6c 73 65 7d 2c 7b 22 69 64 22 3a 22 34 30 36 64 34 61 63 36 2d 63 39 39 65 2d 34 63 33 31 2d 61 34 34 64 2d 34 61 65 36 33 61
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 30538","Name":"AWSALBCORS","Host":"learn.telerik.com","IsSession":false,"Length":"7","description":"This cookie is managed by AWS and is used for load balancing.","DurationType":1,"category":null,"isThirdParty":false},{"id":"406d4ac6-c99e-4c31-a44d-4ae63a
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC1369INData Raw: 72 79 22 3a 6e 75 6c 6c 2c 22 69 73 54 68 69 72 64 50 61 72 74 79 22 3a 66 61 6c 73 65 7d 2c 7b 22 69 64 22 3a 22 30 33 64 39 39 35 37 30 2d 62 32 62 64 2d 34 66 32 37 2d 61 34 62 61 2d 64 31 65 35 31 30 31 64 65 61 61 34 22 2c 22 4e 61 6d 65 22 3a 22 65 75 70 75 62 63 6f 6e 73 65 6e 74 22 2c 22 48 6f 73 74 22 3a 22 74 65 6c 65 72 69 6b 2e 63 6f 6d 22 2c 22 49 73 53 65 73 73 69 6f 6e 22 3a 66 61 6c 73 65 2c 22 4c 65 6e 67 74 68 22 3a 22 33 36 35 22 2c 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 22 54 68 69 73 20 63 6f 6f 6b 69 65 20 69 73 20 75 73 65 64 20 62 79 20 74 68 65 20 49 41 42 20 45 75 72 6f 70 65 20 54 72 61 6e 73 70 61 72 65 6e 63 79 20 26 20 43 6f 6e 73 65 6e 74 20 46 72 61 6d 65 77 6f 72 6b 20 74 6f 20 73 74 6f 72 65 20 74 68 65 20 75 73 65 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ry":null,"isThirdParty":false},{"id":"03d99570-b2bd-4f27-a4ba-d1e5101deaa4","Name":"eupubconsent","Host":"telerik.com","IsSession":false,"Length":"365","description":"This cookie is used by the IAB Europe Transparency & Consent Framework to store the user


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  100192.168.2.749850104.19.177.524437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC386OUTGET /scripttemplates/202401.2.0/assets/otFlat.json HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC809INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-MD5: BhDz7QN6NZvDbVeQXXKKbA==
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Thu, 07 Mar 2024 11:26:21 GMT
                                                                                                                                                                                                                                                                                                                                  x-ms-request-id: c1ceec37-901e-005f-1d13-718dbf000000
                                                                                                                                                                                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=86400
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                  Age: 24016
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  CF-RAY: 8791a398ea7f09f5-LAS
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC560INData Raw: 33 35 32 65 0d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 6e 61 6d 65 22 3a 20 22 6f 74 46 6c 61 74 22 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 68 74 6d 6c 22 3a 20 22 50 47 52 70 64 69 42 70 5a 44 30 69 62 32 35 6c 64 48 4a 31 63 33 51 74 59 6d 46 75 62 6d 56 79 4c 58 4e 6b 61 79 49 67 59 32 78 68 63 33 4d 39 49 6d 39 30 52 6d 78 68 64 43 49 2b 50 47 52 70 64 69 42 79 62 32 78 6c 50 53 4a 68 62 47 56 79 64 47 52 70 59 57 78 76 5a 79 49 67 59 58 4a 70 59 53 31 6b 5a 58 4e 6a 63 6d 6c 69 5a 57 52 69 65 54 30 69 62 32 35 6c 64 48 4a 31 63 33 51 74 63 47 39 73 61 57 4e 35 4c 58 52 6c 65 48 51 69 50 6a 78 6b 61 58 59 67 59 32 78 68 63 33 4d 39 49 6d 39 30 4c 58 4e 6b 61 79 31 6a 62 32 35
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 352e { "name": "otFlat", "html": "PGRpdiBpZD0ib25ldHJ1c3QtYmFubmVyLXNkayIgY2xhc3M9Im90RmxhdCI+PGRpdiByb2xlPSJhbGVydGRpYWxvZyIgYXJpYS1kZXNjcmliZWRieT0ib25ldHJ1c3QtcG9saWN5LXRleHQiPjxkaXYgY2xhc3M9Im90LXNkay1jb25
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 64 43 49 2b 64 47 6c 30 62 47 55 38 59 53 42 6f 63 6d 56 6d 50 53 49 6a 49 6a 35 77 62 32 78 70 59 33 6b 38 4c 32 45 2b 50 43 39 6b 61 58 59 2b 50 47 52 70 64 69 42 6a 62 47 46 7a 63 7a 30 69 62 33 51 74 5a 48 42 6b 4c 57 4e 76 62 6e 52 68 61 57 35 6c 63 69 49 2b 50 47 67 7a 49 47 4e 73 59 58 4e 7a 50 53 4a 76 64 43 31 6b 63 47 51 74 64 47 6c 30 62 47 55 69 50 6c 64 6c 49 47 4e 76 62 47 78 6c 59 33 51 67 5a 47 46 30 59 53 42 70 62 69 42 76 63 6d 52 6c 63 69 42 30 62 79 42 77 63 6d 39 32 61 57 52 6c 4f 6a 77 76 61 44 4d 2b 50 47 52 70 64 69 42 6a 62 47 46 7a 63 7a 30 69 62 33 51 74 5a 48 42 6b 4c 57 4e 76 62 6e 52 6c 62 6e 51 69 50 6a 78 77 49 47 4e 73 59 58 4e 7a 50 53 4a 76 64 43 31 6b 63 47 51 74 5a 47 56 7a 59 79 49 2b 5a 47 56 7a 59 33 4a 70 63 48 52
                                                                                                                                                                                                                                                                                                                                  Data Ascii: dCI+dGl0bGU8YSBocmVmPSIjIj5wb2xpY3k8L2E+PC9kaXY+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRhaW5lciI+PGgzIGNsYXNzPSJvdC1kcGQtdGl0bGUiPldlIGNvbGxlY3QgZGF0YSBpbiBvcmRlciB0byBwcm92aWRlOjwvaDM+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRlbnQiPjxwIGNsYXNzPSJvdC1kcGQtZGVzYyI+ZGVzY3JpcHR
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 32 39 75 49 6a 34 38 4c 32 4a 31 64 48 52 76 62 6a 34 38 4c 32 52 70 64 6a 34 38 49 53 30 74 49 45 4e 73 62 33 4e 6c 49 45 4a 31 64 48 52 76 62 69 42 46 54 6b 51 74 4c 54 34 38 4c 32 52 70 64 6a 34 38 4c 32 52 70 64 6a 34 3d 22 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 63 73 73 22 3a 20 22 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 31 38 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 29 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 46 6c 61 74 7b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 7a 2d 69 6e 64 65 78 3a 32 31 34 37 34 38 33 36 34 35 3b 62 6f 74 74 6f 6d 3a 30 3b 72 69 67 68 74 3a 30 3b 6c 65 66 74 3a 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 29uIj48L2J1dHRvbj48L2Rpdj48IS0tIENsb3NlIEJ1dHRvbiBFTkQtLT48L2Rpdj48L2Rpdj4=", "css": "#onetrust-banner-sdk{box-shadow:0 0 18px rgba(0,0,0,.2)}#onetrust-banner-sdk.otFlat{position:fixed;z-index:2147483645;bottom:0;right:0;left:0;background-
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 6b 20 23 6f 6e 65 74 72 75 73 74 2d 70 6f 6c 69 63 79 2d 74 69 74 6c 65 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 6e 65 74 72 75 73 74 2d 70 6f 6c 69 63 79 2d 74 65 78 74 7b 63 6f 6c 6f 72 3a 64 69 6d 67 72 61 79 3b 66 6c 6f 61 74 3a 6c 65 66 74 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 6e 65 74 72 75 73 74 2d 62 75 74 74 6f 6e 2d 67 72 6f 75 70 2d 70 61 72 65 6e 74 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 70 78 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 6e 65 74 72 75 73 74 2d 62 75 74 74 6f 6e 2d 67 72 6f 75 70 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: k #onetrust-policy-title,#onetrust-banner-sdk #onetrust-policy-text{color:dimgray;float:left}#onetrust-banner-sdk #onetrust-button-group-parent{min-height:1px;text-align:center}#onetrust-banner-sdk #onetrust-button-group{display:inline-block}#onetrust-ban
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 6e 6e 65 72 2d 6f 70 74 69 6f 6e 2d 69 6e 70 75 74 7b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 77 69 64 74 68 3a 61 75 74 6f 3b 68 65 69 67 68 74 3a 61 75 74 6f 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 30 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 32 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 34 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 62 61 6e 6e 65 72 2d 6f 70 74 69 6f 6e 2d 69 6e 70 75 74 20 2a 7b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f 6e 65 3b 66 6f 6e 74 2d 73 69 7a 65 3a 69 6e 68 65 72 69 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 23 6f 6e 65 74 72 75 73 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: nner-option-input{cursor:pointer;width:auto;height:auto;border:none;padding:0;padding-right:3px;margin:0 0 10px;font-size:.82em;line-height:1.4}#onetrust-banner-sdk .banner-option-input *{pointer-events:none;font-size:inherit;line-height:inherit}#onetrust
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 64 6b 20 2e 6f 74 2d 61 72 72 6f 77 2d 63 6f 6e 74 61 69 6e 65 72 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 62 61 6e 6e 65 72 2d 6f 70 74 69 6f 6e 2d 64 65 74 61 69 6c 73 7b 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 33 30 30 6d 73 20 65 61 73 65 2d 69 6e 20 30 73 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 33 30 30 6d 73 20 65 61 73 65 2d 69 6e 20 30 73 3b 2d 6d 6f 7a 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 33 30 30 6d 73 20 65 61 73 65 2d 69 6e 20 30 73 3b 2d 6f 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 33 30 30 6d 73 20 65 61 73 65 2d 69 6e 20 30 73 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 64 70 64 2d 63 6f 6e 74 61 69 6e 65 72 7b 66 6c 6f 61 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: dk .ot-arrow-container,#onetrust-banner-sdk .banner-option-details{transition:all 300ms ease-in 0s;-webkit-transition:all 300ms ease-in 0s;-moz-transition:all 300ms ease-in 0s;-o-transition:all 300ms ease-in 0s}#onetrust-banner-sdk .ot-dpd-container{float
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 72 2d 73 64 6b 20 2e 6f 74 2d 64 70 64 2d 64 65 73 63 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 30 70 78 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 64 70 64 2d 64 65 73 63 3e 2e 6f 74 2d 62 2d 61 64 64 6c 2d 64 65 73 63 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 34 32 35 70 78 29 7b 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 6e 65 74 72 75 73 74 2d 63 6c 6f 73 65 2d 62 74 6e 2d 63 6f 6e 74 61 69 6e 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 36 70 78
                                                                                                                                                                                                                                                                                                                                  Data Ascii: r-sdk .ot-dpd-desc{margin-bottom:10px}#onetrust-banner-sdk .ot-dpd-desc>.ot-b-addl-desc{margin-top:10px;margin-bottom:10px;font-size:1em}@media only screen and (max-width: 425px){#onetrust-banner-sdk #onetrust-close-btn-container{position:absolute;top:6px
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 73 64 6b 20 23 6f 6e 65 74 72 75 73 74 2d 62 75 74 74 6f 6e 2d 67 72 6f 75 70 20 62 75 74 74 6f 6e 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 6e 65 74 72 75 73 74 2d 62 75 74 74 6f 6e 2d 67 72 6f 75 70 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 30 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 68 61 73 2d 72 65 6a 65 63 74 2d 61 6c 6c 2d 62 75 74 74 6f 6e 20 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 62 74 6e 2d 68 61 6e 64 6c 65 72 7b 66 6c 6f 61 74 3a 6c 65 66 74 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 68 61 73 2d 72 65 6a 65 63 74 2d 61 6c 6c 2d 62 75 74 74 6f 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: sdk #onetrust-button-group button{display:inline-block}#onetrust-banner-sdk #onetrust-button-group{margin-right:0;text-align:center}#onetrust-banner-sdk .has-reject-all-button #onetrust-pc-btn-handler{float:left}#onetrust-banner-sdk .has-reject-all-button
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 72 75 73 74 2d 72 65 6a 65 63 74 2d 61 6c 6c 2d 68 61 6e 64 6c 65 72 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 2d 69 61 62 2d 32 20 23 6f 6e 65 74 72 75 73 74 2d 62 75 74 74 6f 6e 2d 67 72 6f 75 70 20 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 62 74 6e 2d 68 61 6e 64 6c 65 72 7b 77 69 64 74 68 3a 31 30 30 25 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 2d 69 61 62 2d 32 20 23 6f 6e 65 74 72 75 73 74 2d 62 75 74 74 6f 6e 2d 67 72 6f 75 70 20 23 6f 6e 65 74 72 75 73 74 2d 61 63 63 65 70 74 2d 62 74 6e 2d 68 61 6e 64 6c 65 72 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 2d 69 61 62 2d 32 20 23 6f 6e 65 74 72 75 73 74 2d 62 75 74 74 6f 6e 2d 67 72 6f 75 70 20 23 6f 6e 65 74 72 75
                                                                                                                                                                                                                                                                                                                                  Data Ascii: rust-reject-all-handler,#onetrust-banner-sdk.ot-iab-2 #onetrust-button-group #onetrust-pc-btn-handler{width:100%}#onetrust-banner-sdk.ot-iab-2 #onetrust-button-group #onetrust-accept-btn-handler,#onetrust-banner-sdk.ot-iab-2 #onetrust-button-group #onetru
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 72 61 6e 73 6c 61 74 65 59 28 2d 35 30 25 29 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 6f 70 74 6f 75 74 2d 73 69 67 6e 61 6c 7b 77 69 64 74 68 3a 35 30 25 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 2d 69 61 62 2d 32 20 23 6f 6e 65 74 72 75 73 74 2d 70 6f 6c 69 63 79 2d 74 69 74 6c 65 7b 77 69 64 74 68 3a 35 30 25 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 2d 69 61 62 2d 32 20 23 6f 6e 65 74 72 75 73 74 2d 70 6f 6c 69 63 79 2d 74 65 78 74 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 2d 69 61 62 2d 32 20 3a 6e 6f 74 28 2e 6f 74 2d 64 70 64 2d 64 65 73 63 29 3e 2e 6f 74 2d 62 2d 61 64 64 6c 2d 64 65 73 63 7b 6d 61 72 67 69 6e 2d 62 6f 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ranslateY(-50%)}#onetrust-banner-sdk .ot-optout-signal{width:50%}#onetrust-banner-sdk.ot-iab-2 #onetrust-policy-title{width:50%}#onetrust-banner-sdk.ot-iab-2 #onetrust-policy-text,#onetrust-banner-sdk.ot-iab-2 :not(.ot-dpd-desc)>.ot-b-addl-desc{margin-bot


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  101192.168.2.749851104.19.177.524437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC393OUTGET /scripttemplates/202401.2.0/assets/otCommonStyles.css HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC826INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/css
                                                                                                                                                                                                                                                                                                                                  Content-Length: 21778
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-MD5: c7xAZ9MSGAobGaTYg/Qtag==
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Thu, 07 Mar 2024 11:26:34 GMT
                                                                                                                                                                                                                                                                                                                                  ETag: 0x8DC3E9971F9F305
                                                                                                                                                                                                                                                                                                                                  x-ms-request-id: f0191474-801e-0088-3a8c-70dc8a000000
                                                                                                                                                                                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=86400
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                  Age: 31025
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  CF-RAY: 8791a398eae50add-LAS
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC543INData Raw: 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 7b 2d 6d 73 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 31 30 30 25 3b 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 31 30 30 25 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 6e 65 74 72 75 73 74 2d 76 65 6e 64 6f 72 73 2d 6c 69 73 74 2d 68 61 6e 64 6c 65 72 7b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 63 6f 6c 6f 72 3a 23 31 66 39 36 64 62 3b 66 6f 6e 74 2d 73 69 7a 65 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 35 70 78 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 6e 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: #onetrust-banner-sdk{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}#onetrust-banner-sdk .onetrust-vendors-list-handler{cursor:pointer;color:#1f96db;font-size:inherit;font-weight:bold;text-decoration:none;margin-left:5px}#onetrust-banner-sdk .one
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 6b 20 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 62 74 6e 2d 68 61 6e 64 6c 65 72 7b 6f 75 74 6c 69 6e 65 2d 6f 66 66 73 65 74 3a 31 70 78 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 2e 6f 74 2d 62 6e 72 2d 77 2d 6c 6f 67 6f 20 2e 6f 74 2d 62 6e 72 2d 6c 6f 67 6f 7b 68 65 69 67 68 74 3a 36 34 70 78 3b 77 69 64 74 68 3a 36 34 70 78 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 74 63 66 32 2d 76 65 6e 64 6f 72 2d 63 6f 75 6e 74 2e 6f 74 2d 74 65 78 74 2d 62 6f 6c 64 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 63 6c 6f 73 65 2d 69 63 6f 6e 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 63 6c 6f 73 65 2d 69 63
                                                                                                                                                                                                                                                                                                                                  Data Ascii: k #onetrust-pc-btn-handler{outline-offset:1px}#onetrust-banner-sdk.ot-bnr-w-logo .ot-bnr-logo{height:64px;width:64px}#onetrust-banner-sdk .ot-tcf2-vendor-count.ot-text-bold{font-weight:bold}#onetrust-banner-sdk .ot-close-icon,#onetrust-pc-sdk .ot-close-ic
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 79 6e 63 2d 6e 74 66 79 20 62 75 74 74 6f 6e 20 2a 2c 23 6f 74 2d 73 79 6e 63 2d 6e 74 66 79 20 61 5b 64 61 74 61 2d 70 61 72 65 6e 74 2d 69 64 5d 20 2a 7b 66 6f 6e 74 2d 73 69 7a 65 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 69 6e 68 65 72 69 74 3b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 68 69 64 65 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 68 69 64 65 2c 23 6f 74 2d 73 79 6e 63 2d 6e 74 66 79 20 2e 6f 74 2d 68 69 64 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 62 75 74 74 6f 6e 2e 6f 74 2d 6c 69 6e 6b 2d 62 74 6e 3a 68 6f 76 65 72 2c 23 6f
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ync-ntfy button *,#ot-sync-ntfy a[data-parent-id] *{font-size:inherit;font-weight:inherit;color:inherit}#onetrust-banner-sdk .ot-hide,#onetrust-pc-sdk .ot-hide,#ot-sync-ntfy .ot-hide{display:none !important}#onetrust-banner-sdk button.ot-link-btn:hover,#o
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 63 65 6e 74 65 72 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 63 6f 6e 74 61 69 6e 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 6e 6f 2d 72 65 70 65 61 74 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 66 6c 65 78 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 3b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 7d 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 70 63 2d 6c 6f 67 6f 20 69 6d 67 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 70 63 2d 6c 6f 67 6f 20 69 6d 67 7b 6d 61 78 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 7d 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 73 63 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ackground-position:center;background-size:contain;background-repeat:no-repeat;display:inline-flex;justify-content:center;align-items:center}#onetrust-pc-sdk .pc-logo img,#onetrust-pc-sdk .ot-pc-logo img{max-height:100%;max-width:100%}#onetrust-pc-sdk .scr
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 6e 65 74 72 75 73 74 2d 66 61 64 65 2d 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 2e 6f 74 2d 63 6f 6f 6b 69 65 2d 6c 61 62 65 6c 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 34 32 36 70 78 29 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 38 39 36 70 78 29 61 6e 64 20 28 6f 72 69 65 6e 74 61 74 69 6f 6e 3a 20 6c 61 6e 64 73 63 61 70 65 29 7b 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 70 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 35 65 6d 7d 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 62 61 6e 6e 65 72 2d 6f 70 74 69 6f 6e 2d 69 6e 70
                                                                                                                                                                                                                                                                                                                                  Data Ascii: netrust-fade-in{0%{opacity:0}100%{opacity:1}}.ot-cookie-label{text-decoration:underline}@media only screen and (min-width: 426px)and (max-width: 896px)and (orientation: landscape){#onetrust-pc-sdk p{font-size:.75em}}#onetrust-banner-sdk .banner-option-inp
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 61 79 3a 69 6e 6c 69 6e 65 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 35 70 78 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 6f 70 74 6f 75 74 2d 73 69 67 6e 61 6c 20 73 76 67 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 6f 70 74 6f 75 74 2d 73 69 67 6e 61 6c 20 73 76 67 7b 68 65 69 67 68 74 3a 32 30 70 78 3b 77 69 64 74 68 3a 33 30 70 78 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 30 2e 35 29 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 6f 70 74 6f 75 74 2d 73 69 67 6e 61 6c 20 73 76 67 20 70 61 74 68 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 6f 70 74 6f 75 74 2d 73 69 67 6e 61 6c 20 73 76 67 20 70 61 74 68 7b 66 69 6c 6c 3a 23 33 32 61 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ay:inline;margin-right:5px}#onetrust-banner-sdk .ot-optout-signal svg,#onetrust-pc-sdk .ot-optout-signal svg{height:20px;width:30px;transform:scale(0.5)}#onetrust-banner-sdk .ot-optout-signal svg path,#onetrust-pc-sdk .ot-optout-signal svg path{fill:#32ae
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 74 6f 67 67 6c 65 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 74 2d 63 6f 6e 74 65 6e 74 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 74 2d 70 63 2d 63 6f 6e 74 65 6e 74 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 63 68 65 63 6b 62 6f 78 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 64 69 76 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 73 70 61 6e 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 68 31 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 68 32 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 68 33 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 68 34 2c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: #onetrust-banner-sdk .ot-toggle,#onetrust-banner-sdk #ot-content,#onetrust-banner-sdk #ot-pc-content,#onetrust-banner-sdk .checkbox,#onetrust-pc-sdk div,#onetrust-pc-sdk span,#onetrust-pc-sdk h1,#onetrust-pc-sdk h2,#onetrust-pc-sdk h3,#onetrust-pc-sdk h4,
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 74 64 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 74 62 6f 64 79 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 2e 6f 74 2d 6d 61 69 6e 2d 63 6f 6e 74 65 6e 74 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 2e 6f 74 2d 74 6f 67 67 6c 65 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 23 6f 74 2d 63 6f 6e 74 65 6e 74 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 23 6f 74 2d 70 63 2d 63 6f 6e 74 65 6e 74 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 2e 63 68 65 63 6b 62 6f 78 2c 23 6f 74 2d 73 79 6e 63 2d 6e 74 66 79 20 64 69 76 2c 23 6f 74 2d 73 79 6e 63 2d 6e 74 66 79
                                                                                                                                                                                                                                                                                                                                  Data Ascii: sdk-cookie-policy td,#ot-sdk-cookie-policy tbody,#ot-sdk-cookie-policy .ot-main-content,#ot-sdk-cookie-policy .ot-toggle,#ot-sdk-cookie-policy #ot-content,#ot-sdk-cookie-policy #ot-pc-content,#ot-sdk-cookie-policy .checkbox,#ot-sync-ntfy div,#ot-sync-ntfy
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 65 72 2d 73 64 6b 20 6c 61 62 65 6c 3a 61 66 74 65 72 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 63 68 65 63 6b 62 6f 78 3a 61 66 74 65 72 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 63 68 65 63 6b 62 6f 78 3a 62 65 66 6f 72 65 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 6c 61 62 65 6c 3a 62 65 66 6f 72 65 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 6c 61 62 65 6c 3a 61 66 74 65 72 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 63 68 65 63 6b 62 6f 78 3a 61 66 74 65 72 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 63 68 65 63 6b 62 6f 78 3a 62 65 66 6f 72 65 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 6c 61 62 65 6c 3a 62 65 66 6f 72 65 2c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: er-sdk label:after,#onetrust-banner-sdk .checkbox:after,#onetrust-banner-sdk .checkbox:before,#onetrust-pc-sdk label:before,#onetrust-pc-sdk label:after,#onetrust-pc-sdk .checkbox:after,#onetrust-pc-sdk .checkbox:before,#ot-sdk-cookie-policy label:before,
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1369INData Raw: 6b 2d 63 6f 6c 75 6d 6e 73 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 73 64 6b 2d 63 6f 6c 75 6d 6e 2c 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 73 64 6b 2d 63 6f 6c 75 6d 6e 73 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 2e 6f 74 2d 73 64 6b 2d 63 6f 6c 75 6d 6e 2c 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 2e 6f 74 2d 73 64 6b 2d 63 6f 6c 75 6d 6e 73 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 34 25 7d 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 73 64 6b 2d 63 6f 6c 75 6d 6e 3a 66 69 72 73 74 2d 63 68 69 6c 64 2c 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 74 2d 73 64 6b 2d 63 6f 6c 75 6d 6e 73 3a 66 69 72 73 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: k-columns,#onetrust-pc-sdk .ot-sdk-column,#onetrust-pc-sdk .ot-sdk-columns,#ot-sdk-cookie-policy .ot-sdk-column,#ot-sdk-cookie-policy .ot-sdk-columns{margin-left:4%}#onetrust-banner-sdk .ot-sdk-column:first-child,#onetrust-banner-sdk .ot-sdk-columns:first


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  102192.168.2.749855172.64.155.1194437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC380OUTGET /cookieconsentpub/v1/geo/location HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: geolocation.onetrust.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC249INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/javascript
                                                                                                                                                                                                                                                                                                                                  Content-Length: 78
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  CF-RAY: 8791a398efe269e3-LAS
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC78INData Raw: 6a 73 6f 6e 46 65 65 64 28 7b 22 63 6f 75 6e 74 72 79 22 3a 22 55 53 22 2c 22 73 74 61 74 65 22 3a 22 4e 56 22 2c 22 73 74 61 74 65 4e 61 6d 65 22 3a 22 4e 65 76 61 64 61 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 22 3a 22 4e 41 22 7d 29 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: jsonFeed({"country":"US","state":"NV","stateName":"Nevada","continent":"NA"});


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  103192.168.2.7498473.211.190.764437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC345OUTGET /json/ HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: geo.qualaroo.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC190INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Content-Length: 241
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                                                                                  X-Database-Date: Fri, 05 Jan 2018 18:56:42 GMT
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC241INData Raw: 7b 22 69 70 22 3a 22 31 35 34 2e 31 36 2e 31 30 35 2e 33 36 22 2c 22 63 6f 75 6e 74 72 79 5f 63 6f 64 65 22 3a 22 55 53 22 2c 22 63 6f 75 6e 74 72 79 5f 6e 61 6d 65 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 72 65 67 69 6f 6e 5f 63 6f 64 65 22 3a 22 41 5a 22 2c 22 72 65 67 69 6f 6e 5f 6e 61 6d 65 22 3a 22 41 72 69 7a 6f 6e 61 22 2c 22 63 69 74 79 22 3a 22 50 68 6f 65 6e 69 78 22 2c 22 7a 69 70 5f 63 6f 64 65 22 3a 22 38 35 30 30 34 22 2c 22 74 69 6d 65 5f 7a 6f 6e 65 22 3a 22 41 6d 65 72 69 63 61 2f 50 68 6f 65 6e 69 78 22 2c 22 6c 61 74 69 74 75 64 65 22 3a 33 33 2e 34 34 39 39 2c 22 6c 6f 6e 67 69 74 75 64 65 22 3a 2d 31 31 32 2e 30 37 31 32 2c 22 6d 65 74 72 6f 5f 63 6f 64 65 22 3a 37 35 33 7d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: {"ip":"154.16.105.36","country_code":"US","country_name":"United States","region_code":"AZ","region_name":"Arizona","city":"Phoenix","zip_code":"85004","time_zone":"America/Phoenix","latitude":33.4499,"longitude":-112.0712,"metro_code":753}


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  104192.168.2.74985250.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC2218OUTGET /webapi/Announcements/GetPromo?url=https://www.telerik.com/download/fiddler/first-run HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; ki_t=1713914995146%3B1713914995146%3B1713914995146%3B1%3B1; ki_r=; sf-ins-pv-id=eef0eedd-b11e-465f-ae5a-179b4f5e0fb9; sid=/pU34nM7xcF1a1i8u1OTxx/5J7bGqqAKXB2hXQOSALC5RJ2vae2gTRMWBg3kyy445Vdm0qRGnvVHMEEoR6SE1I1o0VOa/z9xqn/whm5Vqb40haS8tZDTwRx1NODFFQTPT3eFyQBOkyaTEQw3mN7RJIPVp00=; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC452INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Length: 35
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC35INData Raw: 7b 22 63 6f 6e 74 65 6e 74 22 3a 7b 22 70 72 6f 6d 6f 56 69 65 77 4d 6f 64 65 6c 22 3a 6e 75 6c 6c 7d 7d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: {"content":{"promoViewModel":null}}


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  105192.168.2.74985350.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC2631OUTGET /RestApi/personalizations/render?pageNodeId=5ceb4be1-05bd-4c69-892a-2c2bbd37538b&pageDataId=1f960fad-aef2-4475-8978-52fb7a29dbc9&pageNodeKey=5CEB4BE1-05BD-4C69-892A-2C2BBD37538B/b31ca85c-a1c5-4a9d-8b5d-e7b0736a8b16/SitefinitySiteMap&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&controls=09f9bb4f-5990-40af-b361-7849c73c9604_1,0cd3f511-e7d9-4e23-8773-26005ae09893_1,25637a62-a321-49a0-8b7e-5962dc977e95_1,6b5ac4dc-8fd0-4043-bd0a-e9ffd31e3bc8_1&correlationId=lvd0qj2kn097okrw3nn HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; ki_t=1713914995146%3B1713914995146%3B1713914995146%3B1%3B1; ki_r=; sf-ins-pv-id=eef0eedd-b11e-465f-ae5a-179b4f5e0fb9; sid=/pU34nM7xcF1a1i8u1OTxx/5J7bGqqAKXB2hXQOSALC5RJ2vae2gTRMWBg3kyy445Vdm0qRGnvVHMEEoR6SE1I1o0VOa/z9xqn/whm5Vqb40haS8tZDTwRx1NODFFQTPT3eFyQBOkyaTEQw3mN7RJIPVp00=; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC447INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  Vary: Accept
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:02 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 13917
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC12604INData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 75 73 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 43 6f 6e 74 72 6f 6c 44 61 74 61 4d 65 73 73 61 67 65 20 53 6e 61 70 73 68 6f 74 20 6f 66 20 34 2f 32 33 2f 32 30 32 34 20 31 31 3a 33 30 3a 30 32 20 50 4d 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 42 4f 44 59 2c 20 48 31 2c 20 48 32 2c 20 48 33 2c 20 48 34 2c 20 48 35 2c 20 48 36 2c 20 44 4c 2c 20 44 54 2c 20 44 44 20 7b 0d 0a 20 20
                                                                                                                                                                                                                                                                                                                                  Data Ascii: <!doctype html><html lang="en-us"><head><title>ControlDataMessage Snapshot of 4/23/2024 11:30:02 PM</title><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><style type="text/css">BODY, H1, H2, H3, H4, H5, H6, DL, DT, DD {
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC1313INData Raw: 6e 75 6c 6c 20 3a 20 27 61 73 63 27 29 0d 0a 20 20 20 20 24 2e 65 61 63 68 28 24 24 28 27 54 48 27 29 2c 20 66 75 6e 63 74 69 6f 6e 28 69 2c 74 68 29 7b 20 69 66 20 28 74 68 20 3d 3d 3d 20 65 6c 29 20 72 65 74 75 72 6e 3b 20 74 68 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 6e 75 6c 6c 3b 20 7d 29 0d 0a 20 20 20 20 63 6c 65 61 72 53 65 6c 28 29 0d 0a 20 20 20 20 6c 65 74 20 69 64 73 3d 65 6c 2e 69 64 2e 73 70 6c 69 74 28 27 2d 27 29 2c 20 74 49 64 3d 69 64 73 5b 31 5d 2c 20 63 49 64 3d 69 64 73 5b 32 5d 0d 0a 09 69 66 20 28 21 74 62 6c 73 5b 74 49 64 5d 29 20 72 65 74 75 72 6e 0d 0a 20 20 20 20 6c 65 74 20 74 62 6c 3d 74 62 6c 73 5b 74 49 64 5d 2e 73 6c 69 63 65 28 30 29 2c 20 68 3d 75 6e 69 71 75 65 4b 65 79 73 28 74 62 6c 29 2c 20 63 6f 6c 3d 6b 65 79 73 28
                                                                                                                                                                                                                                                                                                                                  Data Ascii: null : 'asc') $.each($$('TH'), function(i,th){ if (th === el) return; th.className = null; }) clearSel() let ids=el.id.split('-'), tId=ids[1], cId=ids[2]if (!tbls[tId]) return let tbl=tbls[tId].slice(0), h=uniqueKeys(tbl), col=keys(


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  106192.168.2.74985450.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC2225OUTGET /sfimages/default-source/productsimages/kendo-ui-complete/kendoka_icon.png?sfvrsn=922435fb_2 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; ki_t=1713914995146%3B1713914995146%3B1713914995146%3B1%3B1; ki_r=; sf-ins-pv-id=eef0eedd-b11e-465f-ae5a-179b4f5e0fb9; sid=/pU34nM7xcF1a1i8u1OTxx/5J7bGqqAKXB2hXQOSALC5RJ2vae2gTRMWBg3kyy445Vdm0qRGnvVHMEEoR6SE1I1o0VOa/z9xqn/whm5Vqb40haS8tZDTwRx1NODFFQTPT3eFyQBOkyaTEQw3mN7RJIPVp00=; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC558INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=7776000
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2588
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/png
                                                                                                                                                                                                                                                                                                                                  Expires: Mon, 22 Jul 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Fri, 03 Sep 2021 08:38:14 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Disposition: inline; filename=kendoka_icon.png
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Mon, 02 Dec 2024 23:56:19 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC2357INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 41 00 00 00 41 08 06 00 00 00 8e f7 c9 45 00 00 00 09 70 48 59 73 00 00 2e 23 00 00 2e 23 01 78 a5 3f 76 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 09 a9 49 44 41 54 78 da e5 9c 0b 94 55 63 14 c7 a7 c9 ab 64 35 a2 24 c4 10 12 b1 28 a2 c8 63 5a de 16 2a cf 22 89 56 79 2c 0b 95 b2 f2 58 88 3c 32 94 47 13 95 32 91 47 ad 68 2a 46 2a 66 a8 bc 52 11 11 c6 90 92 68 cc d0 4c d3 cc 5c fb b3 7e 5f f6 3d 9d 73 ee 39 f7 31 37 6b 5a eb bf ee dc 73 bf e7 fe f6 b7 f7 7f ef ef 3b 65 64 a4 f8 df 98 31 63 9a 08 7a 08 86 09 26 0a 8a 04 25 82 32 41 8d 20 c2 67 19 cf 8b 28 37 94 7a 4d 32 fe 8f ff 64 e0 fb 31 e9 45 82 2a 26 1a 2f aa 68 c7 b4 d7 66
                                                                                                                                                                                                                                                                                                                                  Data Ascii: PNGIHDRAAEpHYs.#.#x?vtEXtSoftwareAdobe ImageReadyqe<IDATxUcd5$(cZ*"Vy,X<2G2Gh*F*fRhL\~_=s917kZs;ed1cz&%2A g(7zM2d1E*&/hf
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC231INData Raw: 5c 70 8b e0 2b 25 fc 8b 7c b6 6d 7c f7 18 55 23 9e 37 5a c9 22 2f 24 7c b6 58 8d e4 0d e7 7f 93 5c c1 12 56 78 12 2f 77 75 f2 e9 af 2d 99 e9 5a 2c f9 5d d8 a8 83 48 b1 4f 70 39 83 fc ca a3 ad c4 6f b4 ba c4 15 71 5d ed 8d b3 cf 0e 68 90 93 21 56 70 46 f1 0c a7 55 43 dd 98 66 52 ef 36 ab 46 03 dd 72 4f 51 04 da 03 46 9a 13 eb f5 c0 94 dd 72 f7 d0 88 c2 fa ba e9 1a 62 7c a9 7d df c1 61 23 3c df 7c 49 a3 00 ea e7 cd 17 87 d7 68 b8 ef 40 39 78 44 5e 83 7d 1b ce 85 62 3b df 8b 1c d5 20 de 8b 74 b1 c8 0d f7 0d 59 97 7c 44 cf 00 ef 4a f7 8e f1 ae 74 6f f5 ae 74 e9 ff e2 5d 69 0f 81 b4 69 90 6f cd c7 48 bc f6 80 dd ed 90 ff 7f c2 3f b6 1f ec 9e dd 07 b4 b8 00 00 00 00 49 45 4e 44 ae 42 60 82
                                                                                                                                                                                                                                                                                                                                  Data Ascii: \p+%|m|U#7Z"/$|X\Vx/wu-Z,]HOp9oq]h!VpFUCfR6FrOQFrb|}a#<|Ih@9xD^}b; tY|DJtot]iioH?IENDB`


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  107192.168.2.74986131.13.70.364437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC909OUTGET /tr/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713914999876&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=GET HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.facebook.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC469INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin:
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                                                                  cross-origin-resource-policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Server: proxygen-bolt
                                                                                                                                                                                                                                                                                                                                  X-FB-Connection-Quality: MODERATE; q=0.3, rtt=159, rtx=0, c=10, mss=1277, tbw=3403, tp=-1, tpl=-1, uplat=0, ullat=0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  108192.168.2.74986231.13.70.364437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1019OUTGET /privacy_sandbox/pixel/register/trigger/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713914999876&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=FGET HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.facebook.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Attribution-Reporting-Eligible: trigger=navigation-source, event-source
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC948INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/png
                                                                                                                                                                                                                                                                                                                                  reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
                                                                                                                                                                                                                                                                                                                                  report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1903INData Raw: 63 6f 6e 74 65 6e 74 2d 73 65 63 75 72 69 74 79 2d 70 6f 6c 69 63 79 3a 20 64 65 66 61 75 6c 74 2d 73 72 63 20 64 61 74 61 3a 20 62 6c 6f 62 3a 20 27 73 65 6c 66 27 20 68 74 74 70 73 3a 2f 2f 2a 2e 66 62 73 62 78 2e 63 6f 6d 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 20 2a 2e 66 62 63 64 6e 2e 6e 65 74 20 27 75 6e 73 61 66 65 2d 65 76 61 6c 27 3b 73 63 72 69 70 74 2d 73 72 63 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 20 2a 2e 66 62 63 64 6e 2e 6e 65 74 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 6e 65 74 20 31 32 37 2e 30 2e 30 2e 31 3a 2a 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 62 6c 6f 62 3a 20 64 61 74 61 3a 20 27 73 65 6c 66 27 20 63 6f 6e 6e 65 63 74 2e 66 61 63 65 62 6f 6f 6b 2e 6e 65 74 20 27
                                                                                                                                                                                                                                                                                                                                  Data Ascii: content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net '
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC1580INData Raw: 70 65 72 6d 69 73 73 69 6f 6e 73 2d 70 6f 6c 69 63 79 3a 20 61 63 63 65 6c 65 72 6f 6d 65 74 65 72 3d 28 29 2c 20 61 74 74 72 69 62 75 74 69 6f 6e 2d 72 65 70 6f 72 74 69 6e 67 3d 28 73 65 6c 66 29 2c 20 61 75 74 6f 70 6c 61 79 3d 28 29 2c 20 62 6c 75 65 74 6f 6f 74 68 3d 28 29 2c 20 63 61 6d 65 72 61 3d 28 73 65 6c 66 29 2c 20 63 68 2d 64 65 76 69 63 65 2d 6d 65 6d 6f 72 79 3d 28 29 2c 20 63 68 2d 64 6f 77 6e 6c 69 6e 6b 3d 28 29 2c 20 63 68 2d 64 70 72 3d 28 29 2c 20 63 68 2d 65 63 74 3d 28 29 2c 20 63 68 2d 72 74 74 3d 28 29 2c 20 63 68 2d 73 61 76 65 2d 64 61 74 61 3d 28 29 2c 20 63 68 2d 75 61 2d 61 72 63 68 3d 28 29 2c 20 63 68 2d 75 61 2d 62 69 74 6e 65 73 73 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 74 2d 68 65 69 67 68 74 3d 28 29 2c 20 63 68
                                                                                                                                                                                                                                                                                                                                  Data Ascii: permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC69INData Raw: 34 33 0d 0a 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 01 00 00 00 01 08 04 00 00 00 b5 1c 0c 02 00 00 00 0a 49 44 41 54 78 9c 63 00 01 00 00 05 00 01 0d 0a 2d b4 00 00 00 00 49 45 4e 44 ae 42
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 43PNGIHDRIDATxc-IENDB
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC9INData Raw: 60 82 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: `0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  109192.168.2.749857192.29.11.1424437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC622OUTGET /visitor/v200/svrGP?pps=70&siteid=1325 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: s1325.t.eloqua.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: ELOQUA=GUID=A19FC9146C534783A26EBA38F50B2A88; ELQSTATUS=OK
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC446INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-store
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow
                                                                                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-Length: 79
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC79INData Raw: 66 75 6e 63 74 69 6f 6e 20 47 65 74 45 6c 71 43 75 73 74 6f 6d 65 72 47 55 49 44 28 29 7b 20 72 65 74 75 72 6e 20 27 61 31 39 66 63 39 31 34 2d 36 63 35 33 2d 34 37 38 33 2d 61 32 36 65 2d 62 61 33 38 66 35 30 62 32 61 38 38 27 3b 20 7d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: function GetElqCustomerGUID(){ return 'a19fc914-6c53-4783-a26e-ba38f50b2a88'; }


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  110192.168.2.74985652.252.156.534437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:01 UTC446OUTGET /collect/v2/data-centers/76766c2b-82f4-2453-81e5-fd840f3b455b/datasources/TelerikCom/interactions HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: api.insight.sitefinity.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC1523INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:01 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Content-Length: 235
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, Authorization, x-dataintelligence-accountkey, x-dataintelligence-datacenterkey, x-dataintelligence-datasource, x-dataintelligence-sort, x-dataintelligence-skip, x-dataintelligence-take, x-dataintelligence-fields, x-dataintelligence-count, x-dataintelligence-filterby, x-dataintelligence-filter, x-dataintelligence-contains, x-dataintelligence-nextrowkey, x-dataintelligence-flush, x-dataintelligence-fromdate, x-dataintelligence-todate, x-dataintelligence-period, x-dataintelligence-scale, x-dataintelligence-predicate, x-dataintelligence-subject, x-dataintelligence-ids, x-dataintelligence-datasources, x-dataintelligence-imagecrop, x-dataintelligence-contacts, x-forwarded-for, x-dataintelligence-sdk-version, Referer, Origin, x-dataintelligence-clientid, x-dataintelligence-campaignids, x-dataintelligence-userid, x-dataintelligence-errorid, x-dataintelligence-correlationid, cf-connecting-ip, x-forwarded-for, http_x_forwarded_for, x-forwarded, x-cluster-client-ip, forwarded-for, forwarded, remote_addr, client-ip
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  request-context: appId=cid-v1:a33f2e3a-ec15-4d53-8ac6-897af884626b
                                                                                                                                                                                                                                                                                                                                  Content-Security-Policy: default-src 'none'
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 70 72 65 3e 43 61 6e 6e 6f 74 20 47 45 54 20 2f 63 6f 6c 6c 65 63 74 2f 76 32 2f 64 61 74 61 2d 63 65 6e 74 65 72 73 2f 37 36 37 36 36 63 32 62 2d 38 32 66 34 2d 32 34 35 33 2d 38 31 65 35 2d 66 64 38 34 30 66 33 62 34 35 35 62 2f 64 61 74 61 73 6f 75 72 63 65 73 2f 54 65 6c 65 72 69 6b 43 6f 6d 2f 69 6e 74 65 72 61 63 74 69 6f 6e 73 3c 2f 70 72 65 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: <!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><title>Error</title></head><body><pre>Cannot GET /collect/v2/data-centers/76766c2b-82f4-2453-81e5-fd840f3b455b/datasources/TelerikCom/interactions</pre></body></html>


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  111192.168.2.749866192.29.11.1424437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC610OUTGET /visitor/v200/svrGP?pps=3&siteid=1325&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref2=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tzo=-60&ms=36&optin=disabled HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: s1325.t.eloqua.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: ELOQUA=GUID=A19FC9146C534783A26EBA38F50B2A88; ELQSTATUS=OK
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC418INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-store
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow
                                                                                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:02 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-Length: 49
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC49INData Raw: 47 49 46 38 39 61 01 00 01 00 91 ff 00 ff ff ff 00 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 02 00 2c 00 00 00 00 01 00 01 00 00 02 02 54 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,T;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  112192.168.2.7498583.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC2037OUTPOST /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 5907
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC5907OUTData Raw: 65 3d 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 66 34 37 38 61 39 64 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 31 30 63 65 36 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63 36 30 34 30 33 30 61 33 35 35 35 35 39 39 37 62 37 36 32 34 66 37 37 62 65 32 36 62 62 32 35 63 62 34 33 65 32 39 32 33 65 66 34 34 63 36 65 61 61 31 33 32 63 37 61 31 34 63 34 35 30 65 61 35 34 65 32 38 35 39 32 39 63 36 38 66 33 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e=37dfbd8ee84e00126bedce34ef478a9d9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC282INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:02 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  113192.168.2.749868142.251.2.1554437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC1047OUTGET /pagead/viewthroughconversion/975652292/?label=p4zxCNq_8IkYEMSLndED&guid=ON&script=0&ct_cookie_present=false&random=1179055552&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQIiAQFAAQ&pscrd=CP3366-R-MPBRCITCMD-7va-2YUDFRPn_QUdzCoKzjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhhodHRwczovL3d3dy50ZWxlcmlrLmNvbS8 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: googleads.g.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC999INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:02 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Location: https://www.google.com/pagead/1p-conversion/975652292/?label=p4zxCNq_8IkYEMSLndED&guid=ON&script=0&ct_cookie_present=false&random=1179055552&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQIiAQFAAQ&pscrd=CP3366-R-MPBRCITCMD-7va-2YUDFRPn_QUdzCoKzjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhhodHRwczovL3d3dy50ZWxlcmlrLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtq7vHysrjC5gqiPZ6KwQycqXLSQgcFG2luX6Zwzwi48rP2fAB9&random=4066413161
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:02 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  114192.168.2.7498653.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:03 UTC2037OUTPOST /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2044
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:03 UTC2044OUTData Raw: 65 3d 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 66 34 37 38 61 39 64 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 31 30 63 65 36 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63 36 30 34 30 33 30 61 33 35 35 35 35 39 39 37 62 37 36 32 34 66 37 37 62 65 32 36 62 62 32 35 63 62 34 33 65 32 39 32 33 65 66 34 34 63 36 65 61 61 31 33 32 63 37 61 31 34 63 34 35 30 65 61 35 34 65 32 38 35 39 32 39 63 36 38 66 33 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e=37dfbd8ee84e00126bedce34ef478a9d9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:03 UTC282INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:03 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  115192.168.2.7498673.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:03 UTC3690OUTGET /tracker/tc_imp.gif?e=37dfbd8ee84e00126bedce34ef478a9d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37950aa2084ba5f7ff35b7b1a2d18c8c9077af562b7818fbd1910fa0a9fc95df820da75c45b956279f02b01f2040e0228d2595fe69fe0a100ba2f965f980cf64d766dbad1276140023df819958d45a95f60e8e4e47116253bc6f57662d4dd09012b4576190bb98e32606d64f5ac183bd5b4f02d97fe58740f30b9e4f0d58a7dacd9db0ee35fc95f6f6bc9ecc8b6f03dc5d8e23d97320fd9ad9d784a40ff6939ac820876b08de97e8a03fa42ae965d8013d9c56d9c7c71d6da2dc77ad795afedcbbabf4c68af74a8e8a5744e60e3943dcceb13e75a1058830906d092cecccaec9426873ac792f5c638e87b3b6cd7366b8493925f2adca82bf853b5c11fd837ae3d1a0b63fd76f14ddc87f62cf6c72fc45cbfd9929b77895d437ded590413260974d1ba71a51d99819231b0d273fa9e2bca89e0b27c82bfaa596b6b84e75347ddfa0d5104f2e2e524bb6cc3a81fabfd6cf722b22d87008c06ddba58924672a6f7c974232d3e526c520b46eeb8d332c008a5075c5f3bafe53c83c14d52bac18ba8b67ecbefe1f485fcabf14f513dfc4685bf586a8a4b6209cb710b231faa22fa285dbbbfd3699861c9248caa2fc4b90990720b25250162129dc0e1da3a7354990a59879185a9baa152059eb0bd6197cf7379d0ce133c69fa91c55721b72483439c06fe3c9d16c7d515f8ba5ffe89dc97c11370e5f23a7d8371a78eb9aa129564330841d0151536f6fb3686b711cccdc2ae1edf9b95704b6e13ac37b904b454b5806a9f334728493d633f9633c7f56635c61dc7f3f569a8bb289e6861eb5425788de2c30b44ef76f48d19db0338084da25b57f3cbbf1ebd165ec7dd67a2d6dca8925ec81f157407f81c484e8ed24805a836e7e2d379de97bd72022ff32e79575aad4207bfc6b00a1b927e6387c2c553c3d5bacf5922a622fb5a3b44c64f3f6d958d510399dce0caf0f24ea328ac6ec9379ecc5195fff22a2bfdd90391cbfca0cef0cadf6b01dfa4375f9b23805bde4cebe52cacd3df8c32cbc6a7a4a41520cdbfb1ec499705d411432f&cri=JFpDhY30Gl&ts=1709&cb=1713914999226 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:03 UTC230INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Length: 43
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:03 GMT
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:03 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 db df ef 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  116192.168.2.749871142.251.2.1554437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:03 UTC1676OUTGET /pagead/viewthroughconversion/975652292/?random=1606867032&cv=11&fst=1713914999207&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAiIBAUABSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZWIECgICAw&pscrd=CM2Ako6n_oyx2gEiEwjx09j2vtmFAxX04v0FHdn_BDEyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzoYaHR0cHM6Ly93d3cudGVsZXJpay5jb20v HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: googleads.g.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:03 UTC1628INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:03 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Location: https://www.google.com/pagead/1p-conversion/975652292/?random=1606867032&cv=11&fst=1713914999207&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAiIBAUABSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZWIECgICAw&pscrd=CM2Ako6n_oyx2gEiEwjx09j2vtmFAxX04v0FHdn_BDEyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzoYaHR0cHM6Ly93d3cudGVsZXJpay5jb20v&is_vtc=1&cid=CAQSKQB7FLtqE4sJQ7vTC2SIeSxPSNMEYUhouSgDttPNJEA17X4d4m_wOclY&random=1703345189
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:03 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  117192.168.2.749872142.250.141.1064437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:03 UTC1040OUTGET /pagead/1p-conversion/975652292/?label=p4zxCNq_8IkYEMSLndED&guid=ON&script=0&ct_cookie_present=false&random=1179055552&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQIiAQFAAQ&pscrd=CP3366-R-MPBRCITCMD-7va-2YUDFRPn_QUdzCoKzjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhhodHRwczovL3d3dy50ZWxlcmlrLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtq7vHysrjC5gqiPZ6KwQycqXLSQgcFG2luX6Zwzwi48rP2fAB9&random=4066413161 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.google.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:03 UTC602INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:03 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Content-Security-Policy: script-src 'none'; object-src 'none'
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:03 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  118192.168.2.749876142.250.141.1064437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:04 UTC1669OUTGET /pagead/1p-conversion/975652292/?random=1606867032&cv=11&fst=1713914999207&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAiIBAUABSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZWIECgICAw&pscrd=CM2Ako6n_oyx2gEiEwjx09j2vtmFAxX04v0FHdn_BDEyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzoYaHR0cHM6Ly93d3cudGVsZXJpay5jb20v&is_vtc=1&cid=CAQSKQB7FLtqE4sJQ7vTC2SIeSxPSNMEYUhouSgDttPNJEA17X4d4m_wOclY&random=1703345189 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.google.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:04 UTC602INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:04 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Content-Security-Policy: script-src 'none'; object-src 'none'
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:04 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  119192.168.2.74987731.13.70.364437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:04 UTC674OUTGET /tr/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713914999876&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=GET HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.facebook.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:04 UTC469INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin:
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                                                                  cross-origin-resource-policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Server: proxygen-bolt
                                                                                                                                                                                                                                                                                                                                  X-FB-Connection-Quality: MODERATE; q=0.3, rtt=159, rtx=0, c=10, mss=1277, tbw=3402, tp=-1, tpl=-1, uplat=0, ullat=0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:04 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  120192.168.2.74987831.13.70.364437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:04 UTC711OUTGET /privacy_sandbox/pixel/register/trigger/?id=1444093252502226&ev=CHEQ&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713914999876&sw=1280&sh=1024&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713914994453.110516813&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=FGET HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.facebook.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:04 UTC900INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
                                                                                                                                                                                                                                                                                                                                  report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:04 UTC1903INData Raw: 63 6f 6e 74 65 6e 74 2d 73 65 63 75 72 69 74 79 2d 70 6f 6c 69 63 79 3a 20 64 65 66 61 75 6c 74 2d 73 72 63 20 64 61 74 61 3a 20 62 6c 6f 62 3a 20 27 73 65 6c 66 27 20 68 74 74 70 73 3a 2f 2f 2a 2e 66 62 73 62 78 2e 63 6f 6d 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 20 2a 2e 66 62 63 64 6e 2e 6e 65 74 20 27 75 6e 73 61 66 65 2d 65 76 61 6c 27 3b 73 63 72 69 70 74 2d 73 72 63 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 20 2a 2e 66 62 63 64 6e 2e 6e 65 74 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 6e 65 74 20 31 32 37 2e 30 2e 30 2e 31 3a 2a 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 62 6c 6f 62 3a 20 64 61 74 61 3a 20 27 73 65 6c 66 27 20 63 6f 6e 6e 65 63 74 2e 66 61 63 65 62 6f 6f 6b 2e 6e 65 74 20 27
                                                                                                                                                                                                                                                                                                                                  Data Ascii: content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net '
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:04 UTC1613INData Raw: 70 65 72 6d 69 73 73 69 6f 6e 73 2d 70 6f 6c 69 63 79 3a 20 61 63 63 65 6c 65 72 6f 6d 65 74 65 72 3d 28 29 2c 20 61 74 74 72 69 62 75 74 69 6f 6e 2d 72 65 70 6f 72 74 69 6e 67 3d 28 73 65 6c 66 29 2c 20 61 75 74 6f 70 6c 61 79 3d 28 29 2c 20 62 6c 75 65 74 6f 6f 74 68 3d 28 29 2c 20 63 61 6d 65 72 61 3d 28 73 65 6c 66 29 2c 20 63 68 2d 64 65 76 69 63 65 2d 6d 65 6d 6f 72 79 3d 28 29 2c 20 63 68 2d 64 6f 77 6e 6c 69 6e 6b 3d 28 29 2c 20 63 68 2d 64 70 72 3d 28 29 2c 20 63 68 2d 65 63 74 3d 28 29 2c 20 63 68 2d 72 74 74 3d 28 29 2c 20 63 68 2d 73 61 76 65 2d 64 61 74 61 3d 28 29 2c 20 63 68 2d 75 61 2d 61 72 63 68 3d 28 29 2c 20 63 68 2d 75 61 2d 62 69 74 6e 65 73 73 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 74 2d 68 65 69 67 68 74 3d 28 29 2c 20 63 68
                                                                                                                                                                                                                                                                                                                                  Data Ascii: permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  121192.168.2.7498753.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:04 UTC2037OUTPOST /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2163
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:04 UTC2163OUTData Raw: 65 3d 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 66 34 37 38 61 39 64 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 31 30 63 65 36 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63 36 30 34 30 33 30 61 33 35 35 35 35 39 39 37 62 37 36 32 34 66 37 37 62 65 32 36 62 62 32 35 63 62 34 33 65 32 39 32 33 65 66 34 34 63 36 65 61 61 31 33 32 63 37 61 31 34 63 34 35 30 65 61 35 34 65 32 38 35 39 32 39 63 36 38 66 33 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e=37dfbd8ee84e00126bedce34ef478a9d9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC282INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:05 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  122192.168.2.749881142.250.141.1044437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:04 UTC805OUTGET /pagead/1p-conversion/975652292/?label=p4zxCNq_8IkYEMSLndED&guid=ON&script=0&ct_cookie_present=false&random=1179055552&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQIiAQFAAQ&pscrd=CP3366-R-MPBRCITCMD-7va-2YUDFRPn_QUdzCoKzjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhhodHRwczovL3d3dy50ZWxlcmlrLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtq7vHysrjC5gqiPZ6KwQycqXLSQgcFG2luX6Zwzwi48rP2fAB9&random=4066413161 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.google.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC602INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:05 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Content-Security-Policy: script-src 'none'; object-src 'none'
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  123192.168.2.7498793.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC1762OUTGET /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC268INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: undefined
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:05 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  124192.168.2.7498803.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC3558OUTGET /tracker/tc_imp.gif?e=37dfbd8ee84e00126bedce34ef478a9d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37950aa2084ba5f7ff35b7b1a2d18c8c9077af562b7818fbd1910fa0a9fc95df820da75c45b956279f02b01f2040e0228d2595fe69fe0a100ba2f965f980cf64d766dbad1276140023df819958d45a95f60e8e4e47116253bc6f57662d4dd09012b4576190bb98e32606d64f5ac183bd5b4f02d97fe58740f30b9e4f0d58a7dacd9db0ee35fc95f6f6bc9ecc8b6f03dc5d8e23d97320fd9ad9d784a40ff6939ac820876b08de97e8a03fa42ae965d8013d9c56d9c7c71d6da2dc77ad795afedcbbabf4c68af74a8e8a5744e60e3943dcceb13e75a1058830906d092cecccaec9426873ac792f5c638e87b3b6cd7366b8493925f2adca82bf853b5c11fd837ae3d1a0b63fd76f14ddc87f62cf6c72fc45cbfd9929b77895d437ded590413260974d1ba71a51d99819231b0d273fa9e2bca89e0b27c82bfaa596b6b84e75347ddfa0d5104f2e2e524bb6cc3a81fabfd6cf722b22d87008c06ddba58924672a6f7c974232d3e526c520b46eeb8d332c008a5075c5f3bafe53c83c14d52bac18ba8b67ecbefe1f485fcabf14f513dfc4685bf586a8a4b6209cb710b231faa22fa285dbbbfd3699861c9248caa2fc4b90990720b25250162129dc0e1da3a7354990a59879185a9baa152059eb0bd6197cf7379d0ce133c69fa91c55721b72483439c06fe3c9d16c7d515f8ba5ffe89dc97c11370e5f23a7d8371a78eb9aa129564330841d0151536f6fb3686b711cccdc2ae1edf9b95704b6e13ac37b904b454b5806a9f334728493d633f9633c7f56635c61dc7f3f569a8bb289e6861eb5425788de2c30b44ef76f48d19db0338084da25b57f3cbbf1ebd165ec7dd67a2d6dca8925ec81f157407f81c484e8ed24805a836e7e2d379de97bd72022ff32e79575aad4207bfc6b00a1b927e6387c2c553c3d5bacf5922a622fb5a3b44c64f3f6d958d510399dce0caf0f24ea328ac6ec9379ecc5195fff22a2bfdd90391cbfca0cef0cadf6b01dfa4375f9b23805bde4cebe52cacd3df8c32cbc6a7a4a41520cdbfb1ec499705d411432f&cri=JFpDhY30Gl&ts=1709&cb=1713914999226 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC230INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Length: 43
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:05 GMT
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 db df ef 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  125192.168.2.7498853.211.190.764437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC568OUTGET /json/ HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: geo.qualaroo.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  Accept: application/javascript
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC284INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:05 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Content-Length: 241
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                                                                                  X-Database-Date: Fri, 05 Jan 2018 18:56:42 GMT
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC241INData Raw: 7b 22 69 70 22 3a 22 31 35 34 2e 31 36 2e 31 30 35 2e 33 36 22 2c 22 63 6f 75 6e 74 72 79 5f 63 6f 64 65 22 3a 22 55 53 22 2c 22 63 6f 75 6e 74 72 79 5f 6e 61 6d 65 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 72 65 67 69 6f 6e 5f 63 6f 64 65 22 3a 22 41 5a 22 2c 22 72 65 67 69 6f 6e 5f 6e 61 6d 65 22 3a 22 41 72 69 7a 6f 6e 61 22 2c 22 63 69 74 79 22 3a 22 50 68 6f 65 6e 69 78 22 2c 22 7a 69 70 5f 63 6f 64 65 22 3a 22 38 35 30 30 34 22 2c 22 74 69 6d 65 5f 7a 6f 6e 65 22 3a 22 41 6d 65 72 69 63 61 2f 50 68 6f 65 6e 69 78 22 2c 22 6c 61 74 69 74 75 64 65 22 3a 33 33 2e 34 34 39 39 2c 22 6c 6f 6e 67 69 74 75 64 65 22 3a 2d 31 31 32 2e 30 37 31 32 2c 22 6d 65 74 72 6f 5f 63 6f 64 65 22 3a 37 35 33 7d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: {"ip":"154.16.105.36","country_code":"US","country_name":"United States","region_code":"AZ","region_name":"Arizona","city":"Phoenix","zip_code":"85004","time_zone":"America/Phoenix","latitude":33.4499,"longitude":-112.0712,"metro_code":753}


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  126192.168.2.749886142.250.141.1044437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC1434OUTGET /pagead/1p-conversion/975652292/?random=1606867032&cv=11&fst=1713914999207&bg=ffffff&guid=ON&async=1&gtm=45je44m0v9167661709za200&gcs=G111&gcd=13v3v3v3v5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&label=p4zxCNq_8IkYEMSLndED&hn=www.googleadservices.com&frm=0&tiba=First%20run&gtm_ee=1&npa=0&pscdl=noapi&auid=571138784.1713914988&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.134%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.134&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAiIBAUABSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZWIECgICAw&pscrd=CM2Ako6n_oyx2gEiEwjx09j2vtmFAxX04v0FHdn_BDEyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzoYaHR0cHM6Ly93d3cudGVsZXJpay5jb20v&is_vtc=1&cid=CAQSKQB7FLtqE4sJQ7vTC2SIeSxPSNMEYUhouSgDttPNJEA17X4d4m_wOclY&random=1703345189 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.google.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC602INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:05 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Content-Security-Policy: script-src 'none'; object-src 'none'
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  127192.168.2.749887146.75.92.1574437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC527OUTGET /uwt.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: static.ads-twitter.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC543INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-Length: 57671
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Thu, 04 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                                                                  ETag: "bbbcf811d8437a575d796a4c1e5d4fad"
                                                                                                                                                                                                                                                                                                                                  x-amz-server-side-encryption: AES256
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:05 GMT
                                                                                                                                                                                                                                                                                                                                  X-Served-By: cache-iad-kcgs7200164-IAD, cache-bur-kbur8200070-BUR
                                                                                                                                                                                                                                                                                                                                  X-Cache: HIT, HIT
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding,Host
                                                                                                                                                                                                                                                                                                                                  P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
                                                                                                                                                                                                                                                                                                                                  x-tw-cdn: FT
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC1379INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 7b 36 31 37 33 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 76 61 72 20 72 3b 74 2e 65 78 70 6f 72 74 73 3d 28 72 3d 72 7c 7c 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 72 3b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 26 26 77 69 6e 64 6f 77 2e 63 72 79 70 74 6f 26 26 28 72 3d 77 69 6e 64 6f 77 2e 63 72 79 70 74 6f 29 2c 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 73 65 6c 66 26 26 73 65 6c 66 2e 63 72 79 70 74 6f 26 26 28 72 3d 73 65 6c 66 2e 63 72 79 70 74 6f 29 2c 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 26 26 67 6c 6f 62 61 6c 54 68 69 73 2e 63 72 79 70 74 6f 26 26 28 72 3d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: !function(){var t={6173:function(t,e,n){var r;t.exports=(r=r||function(t,e){var r;if("undefined"!=typeof window&&window.crypto&&(r=window.crypto),"undefined"!=typeof self&&self.crypto&&(r=self.crypto),"undefined"!=typeof globalThis&&globalThis.crypto&&(r=
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC1379INData Raw: 68 69 73 2e 77 6f 72 64 73 3d 74 7c 7c 5b 5d 2c 74 68 69 73 2e 73 69 67 42 79 74 65 73 3d 6e 75 6c 6c 21 3d 65 3f 65 3a 34 2a 74 2e 6c 65 6e 67 74 68 7d 2c 74 6f 53 74 72 69 6e 67 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 28 74 7c 7c 66 29 2e 73 74 72 69 6e 67 69 66 79 28 74 68 69 73 29 7d 2c 63 6f 6e 63 61 74 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 68 69 73 2e 77 6f 72 64 73 2c 6e 3d 74 2e 77 6f 72 64 73 2c 72 3d 74 68 69 73 2e 73 69 67 42 79 74 65 73 2c 69 3d 74 2e 73 69 67 42 79 74 65 73 3b 69 66 28 74 68 69 73 2e 63 6c 61 6d 70 28 29 2c 72 25 34 29 66 6f 72 28 76 61 72 20 6f 3d 30 3b 6f 3c 69 3b 6f 2b 2b 29 7b 76 61 72 20 61 3d 6e 5b 6f 3e 3e 3e 32 5d 3e 3e 3e 32 34 2d 6f 25 34 2a 38 26 32 35 35 3b 65 5b 72 2b 6f 3e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: his.words=t||[],this.sigBytes=null!=e?e:4*t.length},toString:function(t){return(t||f).stringify(this)},concat:function(t){var e=this.words,n=t.words,r=this.sigBytes,i=t.sigBytes;if(this.clamp(),r%4)for(var o=0;o<i;o++){var a=n[o>>>2]>>>24-o%4*8&255;e[r+o>
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC1379INData Raw: 6e 28 74 29 7b 72 65 74 75 72 6e 20 64 2e 70 61 72 73 65 28 75 6e 65 73 63 61 70 65 28 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 74 29 29 29 7d 7d 2c 70 3d 63 2e 42 75 66 66 65 72 65 64 42 6c 6f 63 6b 41 6c 67 6f 72 69 74 68 6d 3d 75 2e 65 78 74 65 6e 64 28 7b 72 65 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 5f 64 61 74 61 3d 6e 65 77 20 73 2e 69 6e 69 74 2c 74 68 69 73 2e 5f 6e 44 61 74 61 42 79 74 65 73 3d 30 7d 2c 5f 61 70 70 65 6e 64 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 74 26 26 28 74 3d 68 2e 70 61 72 73 65 28 74 29 29 2c 74 68 69 73 2e 5f 64 61 74 61 2e 63 6f 6e 63 61 74 28 74 29 2c 74 68 69 73 2e 5f 6e 44 61 74 61 42 79 74 65 73 2b 3d 74 2e 73 69 67 42 79 74 65 73
                                                                                                                                                                                                                                                                                                                                  Data Ascii: n(t){return d.parse(unescape(encodeURIComponent(t)))}},p=c.BufferedBlockAlgorithm=u.extend({reset:function(){this._data=new s.init,this._nDataBytes=0},_append:function(t){"string"==typeof t&&(t=h.parse(t)),this._data.concat(t),this._nDataBytes+=t.sigBytes
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC1379INData Raw: 61 72 20 72 3d 32 2c 69 3d 30 3b 69 3c 36 34 3b 29 65 28 72 29 26 26 28 69 3c 38 26 26 28 63 5b 69 5d 3d 6e 28 74 2e 70 6f 77 28 72 2c 2e 35 29 29 29 2c 75 5b 69 5d 3d 6e 28 74 2e 70 6f 77 28 72 2c 31 2f 33 29 29 2c 69 2b 2b 29 2c 72 2b 2b 7d 28 29 3b 76 61 72 20 73 3d 5b 5d 2c 6c 3d 61 2e 53 48 41 32 35 36 3d 6f 2e 65 78 74 65 6e 64 28 7b 5f 64 6f 52 65 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 5f 68 61 73 68 3d 6e 65 77 20 69 2e 69 6e 69 74 28 63 2e 73 6c 69 63 65 28 30 29 29 7d 2c 5f 64 6f 50 72 6f 63 65 73 73 42 6c 6f 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 66 6f 72 28 76 61 72 20 6e 3d 74 68 69 73 2e 5f 68 61 73 68 2e 77 6f 72 64 73 2c 72 3d 6e 5b 30 5d 2c 69 3d 6e 5b 31 5d 2c 6f 3d 6e 5b 32 5d 2c 61 3d 6e 5b 33 5d 2c 63
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ar r=2,i=0;i<64;)e(r)&&(i<8&&(c[i]=n(t.pow(r,.5))),u[i]=n(t.pow(r,1/3)),i++),r++}();var s=[],l=a.SHA256=o.extend({_doReset:function(){this._hash=new i.init(c.slice(0))},_doProcessBlock:function(t,e){for(var n=this._hash.words,r=n[0],i=n[1],o=n[2],a=n[3],c
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC1379INData Raw: 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 74 68 69 73 28 28 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 69 66 28 21 74 7c 7c 76 6f 69 64 20 30 3d 3d 3d 74 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 20 6e 28 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 74 79 70 65 6f 66 20 74 2b 22 20 22 2b 74 2b 22 20 69 73 20 6e 6f 74 20 69 74 65 72 61 62 6c 65 28 63 61 6e 6e 6f 74 20 72 65 61 64 20 70 72 6f 70 65 72 74 79 20 53 79 6d 62 6f 6c 28 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 29 29 22 29 29 3b 76 61 72 20 72 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 74 29 3b 69 66 28 30 3d 3d 3d 72 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 20 65 28 5b 5d 29 3b 76 61 72 20 69 3d 72 2e 6c 65 6e 67 74 68 3b 66 75
                                                                                                                                                                                                                                                                                                                                  Data Ascii: function(t){return new this((function(e,n){if(!t||void 0===t.length)return n(new TypeError(typeof t+" "+t+" is not iterable(cannot read property Symbol(Symbol.iterator))"));var r=Array.prototype.slice.call(t);if(0===r.length)return e([]);var i=r.length;fu
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC1379INData Raw: 64 28 74 29 3b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 6e 29 72 65 74 75 72 6e 20 76 6f 69 64 20 70 28 28 72 3d 6e 2c 69 3d 65 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 2e 61 70 70 6c 79 28 69 2c 61 72 67 75 6d 65 6e 74 73 29 7d 29 2c 74 29 7d 74 2e 5f 73 74 61 74 65 3d 31 2c 74 2e 5f 76 61 6c 75 65 3d 65 2c 64 28 74 29 7d 63 61 74 63 68 28 65 29 7b 66 28 74 2c 65 29 7d 76 61 72 20 72 2c 69 7d 66 75 6e 63 74 69 6f 6e 20 66 28 74 2c 65 29 7b 74 2e 5f 73 74 61 74 65 3d 32 2c 74 2e 5f 76 61 6c 75 65 3d 65 2c 64 28 74 29 7d 66 75 6e 63 74 69 6f 6e 20 64 28 74 29 7b 32 3d 3d 3d 74 2e 5f 73 74 61 74 65 26 26 30 3d 3d 3d 74 2e 5f 64 65 66 65 72 72 65 64 73 2e 6c 65 6e 67 74 68 26 26 75 2e 5f 69 6d 6d 65 64 69 61 74 65 46 6e 28 28 66 75 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: d(t);if("function"==typeof n)return void p((r=n,i=e,function(){r.apply(i,arguments)}),t)}t._state=1,t._value=e,d(t)}catch(e){f(t,e)}var r,i}function f(t,e){t._state=2,t._value=e,d(t)}function d(t){2===t._state&&0===t._deferreds.length&&u._immediateFn((fun
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC1379INData Raw: 65 77 20 75 28 28 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 6e 28 74 29 7d 29 29 7d 2c 75 2e 72 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 75 28 28 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 69 66 28 21 61 28 74 29 29 72 65 74 75 72 6e 20 6e 28 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 50 72 6f 6d 69 73 65 2e 72 61 63 65 20 61 63 63 65 70 74 73 20 61 6e 20 61 72 72 61 79 22 29 29 3b 66 6f 72 28 76 61 72 20 72 3d 30 2c 69 3d 74 2e 6c 65 6e 67 74 68 3b 72 3c 69 3b 72 2b 2b 29 75 2e 72 65 73 6f 6c 76 65 28 74 5b 72 5d 29 2e 74 68 65 6e 28 65 2c 6e 29 7d 29 29 7d 2c 75 2e 5f 69 6d 6d 65 64 69 61 74 65 46 6e 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 73 65 74 49 6d 6d 65 64 69 61 74 65 26 26 66 75 6e 63
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ew u((function(e,n){n(t)}))},u.race=function(t){return new u((function(e,n){if(!a(t))return n(new TypeError("Promise.race accepts an array"));for(var r=0,i=t.length;r<i;r++)u.resolve(t[r]).then(e,n)}))},u._immediateFn="function"==typeof setImmediate&&func
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC1379INData Raw: 3d 69 29 74 68 72 6f 77 20 6f 3b 72 65 74 75 72 6e 20 43 28 29 7d 66 6f 72 28 6e 2e 6d 65 74 68 6f 64 3d 69 2c 6e 2e 61 72 67 3d 6f 3b 3b 29 7b 76 61 72 20 61 3d 6e 2e 64 65 6c 65 67 61 74 65 3b 69 66 28 61 29 7b 76 61 72 20 63 3d 67 28 61 2c 6e 29 3b 69 66 28 63 29 7b 69 66 28 63 3d 3d 3d 6c 29 63 6f 6e 74 69 6e 75 65 3b 72 65 74 75 72 6e 20 63 7d 7d 69 66 28 22 6e 65 78 74 22 3d 3d 3d 6e 2e 6d 65 74 68 6f 64 29 6e 2e 73 65 6e 74 3d 6e 2e 5f 73 65 6e 74 3d 6e 2e 61 72 67 3b 65 6c 73 65 20 69 66 28 22 74 68 72 6f 77 22 3d 3d 3d 6e 2e 6d 65 74 68 6f 64 29 7b 69 66 28 22 73 75 73 70 65 6e 64 65 64 53 74 61 72 74 22 3d 3d 3d 72 29 74 68 72 6f 77 20 72 3d 22 63 6f 6d 70 6c 65 74 65 64 22 2c 6e 2e 61 72 67 3b 6e 2e 64 69 73 70 61 74 63 68 45 78 63 65 70 74 69
                                                                                                                                                                                                                                                                                                                                  Data Ascii: =i)throw o;return C()}for(n.method=i,n.arg=o;;){var a=n.delegate;if(a){var c=g(a,n);if(c){if(c===l)continue;return c}}if("next"===n.method)n.sent=n._sent=n.arg;else if("throw"===n.method){if("suspendedStart"===r)throw r="completed",n.arg;n.dispatchExcepti
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC1379INData Raw: 2c 61 29 7d 29 29 7d 72 65 74 75 72 6e 20 72 3d 72 3f 72 2e 74 68 65 6e 28 61 2c 61 29 3a 61 28 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 67 28 74 2c 65 29 7b 76 61 72 20 6e 3d 74 2e 69 74 65 72 61 74 6f 72 5b 65 2e 6d 65 74 68 6f 64 5d 3b 69 66 28 76 6f 69 64 20 30 3d 3d 3d 6e 29 7b 69 66 28 65 2e 64 65 6c 65 67 61 74 65 3d 6e 75 6c 6c 2c 22 74 68 72 6f 77 22 3d 3d 3d 65 2e 6d 65 74 68 6f 64 29 7b 69 66 28 74 2e 69 74 65 72 61 74 6f 72 2e 72 65 74 75 72 6e 26 26 28 65 2e 6d 65 74 68 6f 64 3d 22 72 65 74 75 72 6e 22 2c 65 2e 61 72 67 3d 76 6f 69 64 20 30 2c 67 28 74 2c 65 29 2c 22 74 68 72 6f 77 22 3d 3d 3d 65 2e 6d 65 74 68 6f 64 29 29 72 65 74 75 72 6e 20 6c 3b 65 2e 6d 65 74 68 6f 64 3d 22 74 68 72 6f 77 22 2c 65 2e 61 72 67 3d 6e 65 77 20 54 79 70 65 45 72
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ,a)}))}return r=r?r.then(a,a):a()}}function g(t,e){var n=t.iterator[e.method];if(void 0===n){if(e.delegate=null,"throw"===e.method){if(t.iterator.return&&(e.method="return",e.arg=void 0,g(t,e),"throw"===e.method))return l;e.method="throw",e.arg=new TypeEr
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC1379INData Raw: 69 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 74 26 26 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3b 72 65 74 75 72 6e 21 21 65 26 26 28 65 3d 3d 3d 64 7c 7c 22 47 65 6e 65 72 61 74 6f 72 46 75 6e 63 74 69 6f 6e 22 3d 3d 3d 28 65 2e 64 69 73 70 6c 61 79 4e 61 6d 65 7c 7c 65 2e 6e 61 6d 65 29 29 7d 2c 74 2e 6d 61 72 6b 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 3f 4f 62 6a 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 28 74 2c 68 29 3a 28 74 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 68 2c 63 28 74 2c 61 2c 22 47 65 6e 65 72 61 74 6f 72 46 75 6e 63 74 69 6f 6e 22 29 29 2c 74 2e 70 72 6f 74 6f 74 79 70 65 3d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ion=function(t){var e="function"==typeof t&&t.constructor;return!!e&&(e===d||"GeneratorFunction"===(e.displayName||e.name))},t.mark=function(t){return Object.setPrototypeOf?Object.setPrototypeOf(t,h):(t.__proto__=h,c(t,a,"GeneratorFunction")),t.prototype=


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  128192.168.2.749893142.251.2.1564437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC932OUTPOST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111455-1&cid=925834404.1713914987&jid=1790868512&gjid=2032486828&_gid=1225407003.1713914987&_u=SDCACEABBAAAACAFKC~&z=1893499334 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: stats.g.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:06 UTC593INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:06 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Sun, 17 May 1998 03:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Server: Golfe2
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:06 UTC2INData Raw: 31 67
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 1g


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  129192.168.2.749895142.251.2.1564437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:05 UTC932OUTPOST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111455-74&cid=925834404.1713914987&jid=2072956638&gjid=20380477&_gid=1225407003.1713914987&_u=SDCACEABBAAAACAFKCC~&z=1337050985 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: stats.g.doubleclick.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: IDE=AHWqTUkWuMucKmweOSwmj7RW92pz4PKO8842RtsIxN0p7KUWBRm2nELl74IoNpUN
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:06 UTC593INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:06 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Sun, 17 May 1998 03:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Server: Golfe2
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:06 UTC2INData Raw: 31 67
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 1g


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  130192.168.2.7498983.211.190.764437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:06 UTC345OUTGET /json/ HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: geo.qualaroo.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:06 UTC190INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:06 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Content-Length: 241
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                                                                                  X-Database-Date: Fri, 05 Jan 2018 18:56:42 GMT
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:06 UTC241INData Raw: 7b 22 69 70 22 3a 22 31 35 34 2e 31 36 2e 31 30 35 2e 33 36 22 2c 22 63 6f 75 6e 74 72 79 5f 63 6f 64 65 22 3a 22 55 53 22 2c 22 63 6f 75 6e 74 72 79 5f 6e 61 6d 65 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 72 65 67 69 6f 6e 5f 63 6f 64 65 22 3a 22 41 5a 22 2c 22 72 65 67 69 6f 6e 5f 6e 61 6d 65 22 3a 22 41 72 69 7a 6f 6e 61 22 2c 22 63 69 74 79 22 3a 22 50 68 6f 65 6e 69 78 22 2c 22 7a 69 70 5f 63 6f 64 65 22 3a 22 38 35 30 30 34 22 2c 22 74 69 6d 65 5f 7a 6f 6e 65 22 3a 22 41 6d 65 72 69 63 61 2f 50 68 6f 65 6e 69 78 22 2c 22 6c 61 74 69 74 75 64 65 22 3a 33 33 2e 34 34 39 39 2c 22 6c 6f 6e 67 69 74 75 64 65 22 3a 2d 31 31 32 2e 30 37 31 32 2c 22 6d 65 74 72 6f 5f 63 6f 64 65 22 3a 37 35 33 7d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: {"ip":"154.16.105.36","country_code":"US","country_name":"United States","region_code":"AZ","region_name":"Arizona","city":"Phoenix","zip_code":"85004","time_zone":"America/Phoenix","latitude":33.4499,"longitude":-112.0712,"metro_code":753}


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  131192.168.2.7498923.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:06 UTC1762OUTGET /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:06 UTC268INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: undefined
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:06 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  132192.168.2.7498973.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:06 UTC2078OUTPOST /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2164
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:06 UTC2164OUTData Raw: 65 3d 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 66 34 37 38 61 39 64 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 31 30 63 65 36 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63 36 30 34 30 33 30 61 33 35 35 35 35 39 39 37 62 37 36 32 34 66 37 37 62 65 32 36 62 62 32 35 63 62 34 33 65 32 39 32 33 65 66 34 34 63 36 65 61 61 31 33 32 63 37 61 31 34 63 34 35 30 65 61 35 34 65 32 38 35 39 32 39 63 36 38 66 33 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e=37dfbd8ee84e00126bedce34ef478a9d9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC282INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:07 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  133192.168.2.749906104.22.54.1044437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC532OUTGET /prum.min.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: rum-static.pingdom.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC395INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:07 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  last-modified: Fri, 14 Oct 2022 06:22:29 GMT
                                                                                                                                                                                                                                                                                                                                  vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  etag: W/"63490025-1849"
                                                                                                                                                                                                                                                                                                                                  access-control-allow-origin: *
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=43200
                                                                                                                                                                                                                                                                                                                                  CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                  Age: 3947
                                                                                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                                                                                  CF-RAY: 8791a3bccada69e6-LAS
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC974INData Raw: 31 38 34 39 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 74 28 74 2c 65 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 6b 65 79 73 28 74 29 2e 6d 61 70 28 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 72 65 74 75 72 6e 20 6e 2b 22 3d 22 2b 28 65 3f 74 5b 6e 5d 3a 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 74 5b 6e 5d 29 29 7d 29 29 2e 6a 6f 69 6e 28 22 26 22 29 7d 66 75 6e 63 74 69 6f 6e 20 65 28 74 2c 65 29 7b 76 61 72 20 6e 2c 6f 2c 72 3d 7b 7d 3b 72 65 74 75 72 6e 20 74 26 26 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 74 3f 28 74 2e 74 72 69 6d 28 29 2e 73 70 6c 69 74 28 22 26 22 29 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 6e 3d 74 2e 69 6e 64 65 78
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 1849!function(){"use strict";function t(t,e){return Object.keys(t).map((function(n){return n+"="+(e?t[n]:encodeURIComponent(t[n]))})).join("&")}function e(t,e){var n,o,r={};return t&&"string"==typeof t?(t.trim().split("&").forEach((function(t){n=t.index
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC1369INData Raw: 72 2e 61 70 70 4e 61 6d 65 2e 69 6e 64 65 78 4f 66 28 22 49 6e 74 65 72 6e 65 74 20 45 78 70 6c 6f 72 65 72 22 29 29 7b 76 61 72 20 64 3d 65 2e 6e 61 76 69 67 61 74 6f 72 2e 61 70 70 56 65 72 73 69 6f 6e 2e 6d 61 74 63 68 28 2f 4d 53 49 45 20 28 5c 64 2b 29 2f 29 3b 64 26 26 70 61 72 73 65 49 6e 74 28 64 5b 31 5d 29 3c 3d 39 26 26 28 75 3d 21 30 29 7d 69 66 28 65 2e 58 4d 4c 48 74 74 70 52 65 71 75 65 73 74 26 26 21 75 29 7b 76 61 72 20 66 3d 6e 65 77 20 65 2e 58 4d 4c 48 74 74 70 52 65 71 75 65 73 74 3b 66 2e 6f 70 65 6e 28 73 2c 72 29 2c 22 47 45 54 22 3d 3d 3d 73 3f 66 2e 73 65 6e 64 28 74 28 63 29 29 3a 66 2e 73 65 6e 64 28 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 63 29 29 7d 65 6c 73 65 20 65 2e 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: r.appName.indexOf("Internet Explorer")){var d=e.navigator.appVersion.match(/MSIE (\d+)/);d&&parseInt(d[1])<=9&&(u=!0)}if(e.XMLHttpRequest&&!u){var f=new e.XMLHttpRequest;f.open(s,r),"GET"===s?f.send(t(c)):f.send(JSON.stringify(c))}else e.document.createEl
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC1369INData Raw: 67 65 2e 67 65 74 28 22 72 76 22 29 7c 7c 22 30 22 2c 76 3a 64 2e 76 65 72 7d 3a 64 2e 73 65 73 73 69 6f 6e 53 74 61 72 74 28 21 31 29 7d 2c 67 65 6e 65 72 61 74 65 53 65 73 73 69 6f 6e 49 44 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 28 37 38 33 36 34 31 36 34 30 39 36 2b 4d 61 74 68 2e 66 6c 6f 6f 72 28 32 37 34 32 37 34 35 37 34 33 33 35 39 2a 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 29 29 2e 74 6f 53 74 72 69 6e 67 28 33 36 29 7d 2c 73 65 73 73 69 6f 6e 53 74 61 72 74 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 74 3d 74 3f 22 31 22 3a 22 30 22 3b 76 61 72 20 65 3d 64 2e 67 65 6e 65 72 61 74 65 53 65 73 73 69 6f 6e 49 44 28 29 3b 64 2e 73 74 6f 72 61 67 65 2e 73 65 74 28 22 73 69 64 22 2c 65 29 3b 76 61 72 20 6e 3d 64 2e 73 65 73 73 69 6f 6e 4d 61
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ge.get("rv")||"0",v:d.ver}:d.sessionStart(!1)},generateSessionID:function(){return(78364164096+Math.floor(2742745743359*Math.random())).toString(36)},sessionStart:function(t){t=t?"1":"0";var e=d.generateSessionID();d.storage.set("sid",e);var n=d.sessionMa
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC1369INData Raw: 29 29 3b 72 65 74 75 72 6e 20 6e 3f 6e 5b 74 5d 3a 22 22 7d 72 65 74 75 72 6e 22 22 7d 2c 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 6e 2c 69 29 7b 69 66 28 72 26 26 6e 29 74 72 79 7b 76 61 72 20 61 3d 72 2e 67 65 74 49 74 65 6d 28 6f 2e 73 74 6f 72 61 67 65 4b 65 79 29 2c 73 3d 61 3f 65 28 61 29 3a 7b 7d 3b 73 5b 6e 5d 3d 69 2c 72 2e 73 65 74 49 74 65 6d 28 6f 2e 73 74 6f 72 61 67 65 4b 65 79 2c 74 28 73 29 29 7d 63 61 74 63 68 28 74 29 7b 63 6f 6e 73 6f 6c 65 2e 65 72 72 6f 72 28 22 75 6e 61 62 6c 65 20 74 6f 20 73 74 6f 72 65 20 22 2b 6e 2b 22 20 69 6e 20 73 74 6f 72 61 67 65 2e 22 2c 74 29 7d 7d 2c 72 65 6d 6f 76 65 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 26 26 74 26 26 72 2e 72 65 6d 6f 76 65 49 74 65 6d 28 74 29 7d 7d 7d 28 63 2c 64 29 2c 64 2e 67 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: ));return n?n[t]:""}return""},set:function(n,i){if(r&&n)try{var a=r.getItem(o.storageKey),s=a?e(a):{};s[n]=i,r.setItem(o.storageKey,t(s))}catch(t){console.error("unable to store "+n+" in storage.",t)}},remove:function(t){r&&t&&r.removeItem(t)}}}(c,d),d.ge
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC1144INData Raw: 48 65 69 67 68 74 2c 70 44 3a 74 2e 73 63 72 65 65 6e 2e 70 69 78 65 6c 44 65 70 74 68 2c 64 50 52 3a 31 7c 74 2e 64 65 76 69 63 65 50 69 78 65 6c 52 61 74 69 6f 2c 6f 72 3a 74 2e 73 63 72 65 65 6e 2e 6f 72 69 65 6e 74 61 74 69 6f 6e 26 26 74 2e 73 63 72 65 65 6e 2e 6f 72 69 65 6e 74 61 74 69 6f 6e 2e 74 79 70 65 7c 7c 22 22 7d 7d 28 74 29 29 2c 75 2e 70 75 73 68 28 7b 6e 54 3a 69 2e 6e 61 76 69 67 61 74 69 6f 6e 2e 74 79 70 65 2c 72 43 3a 69 2e 6e 61 76 69 67 61 74 69 6f 6e 2e 72 65 64 69 72 65 63 74 43 6f 75 6e 74 7d 29 2c 75 2e 70 75 73 68 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 7b 6e 53 3a 30 2c 63 53 3a 73 28 74 2e 63 6f 6e 6e 65 63 74 53 74 61 72 74 29 2c 63 45 3a 73 28 74 2e 63 6f 6e 6e 65 63 74 45 6e 64 29 2c 64 4c 45 3a 73 28 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: Height,pD:t.screen.pixelDepth,dPR:1|t.devicePixelRatio,or:t.screen.orientation&&t.screen.orientation.type||""}}(t)),u.push({nT:i.navigation.type,rC:i.navigation.redirectCount}),u.push(function(t){return{nS:0,cS:s(t.connectStart),cE:s(t.connectEnd),dLE:s(t
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  134192.168.2.74990731.13.70.364437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC925OUTGET /tr/?id=1444093252502226&ev=PageView&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713915003482&sw=1280&sh=1024&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.1.1713914994453.110516813&cs_est=true&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=GET HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.facebook.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC469INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin:
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                                                                  cross-origin-resource-policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Server: proxygen-bolt
                                                                                                                                                                                                                                                                                                                                  X-FB-Connection-Quality: MODERATE; q=0.3, rtt=159, rtx=0, c=10, mss=1277, tbw=3402, tp=-1, tpl=-1, uplat=1, ullat=1
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:07 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  135192.168.2.74990918.65.25.144437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC532OUTGET /monitor/stat.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.clickcease.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC953INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                                                  Content-Length: 145222
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Tue, 12 Sep 2023 09:05:15 GMT
                                                                                                                                                                                                                                                                                                                                  x-amz-server-side-encryption: AES256
                                                                                                                                                                                                                                                                                                                                  x-amz-version-id: Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  Server: AmazonS3
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:07 GMT
                                                                                                                                                                                                                                                                                                                                  ETag: "e112b8bf96f23bc2970347a3c98e37fc"
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                                                                  Via: 1.1 1721ba89df2008145b68acb827b62daa.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Pop: LAX53-P1
                                                                                                                                                                                                                                                                                                                                  X-Amz-Cf-Id: qk5u5bK01dpikOmvJvWMzViLIFy7ENIddc7FDJ4Mw2O-hXpBsNTAqA==
                                                                                                                                                                                                                                                                                                                                  Age: 3
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: no-referrer-when-downgrade
                                                                                                                                                                                                                                                                                                                                  Content-Security-Policy: frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                                                                  Permissions-Policy: microphone 'none'; camera 'none';
                                                                                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC16384INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 6b 28 29 7b 6b 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 7d 3b 76 61 72 20 63 2c 61 3d 7b 7d 2c 65 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2c 6c 3d 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2c 75 3d 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 65 5b 74 5d 3d 6e 2e 76 61 6c 75 65 7d 2c 74 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 3f 53 79 6d 62 6f 6c 3a 7b 7d 2c 72 3d 74 2e 69 74 65 72 61 74 6f 72 7c 7c 22 40 40 69 74 65 72 61 74 6f 72 22 2c 6e 3d 74 2e 61 73 79 6e 63 49 74 65 72 61 74 6f 72 7c 7c 22 40 40 61 73 79
                                                                                                                                                                                                                                                                                                                                  Data Ascii: !function(){"use strict";function k(){k=function(){return a};var c,a={},e=Object.prototype,l=e.hasOwnProperty,u=Object.defineProperty||function(e,t,n){e[t]=n.value},t="function"==typeof Symbol?Symbol:{},r=t.iterator||"@@iterator",n=t.asyncIterator||"@@asy
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC16384INData Raw: 69 64 20 72 2e 63 61 6c 6c 28 65 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 28 6e 2c 65 29 7d 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 5b 6e 5d 3d 7b 73 74 61 74 75 73 3a 22 72 65 6a 65 63 74 65 64 22 2c 72 65 61 73 6f 6e 3a 65 7d 2c 30 3d 3d 2d 2d 61 26 26 6f 28 69 29 7d 29 7d 69 5b 6e 5d 3d 7b 73 74 61 74 75 73 3a 22 66 75 6c 66 69 6c 6c 65 64 22 2c 76 61 6c 75 65 3a 65 7d 2c 30 3d 3d 2d 2d 61 26 26 6f 28 69 29 7d 28 74 2c 69 5b 74 5d 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 6d 28 65 2c 74 29 7b 74 68 69 73 2e 6e 61 6d 65 3d 22 41 67 67 72 65 67 61 74 65 45 72 72 6f 72 22 2c 74 68 69 73 2e 65 72 72 6f 72 73 3d 65 2c 74 68 69 73 2e 6d 65 73 73 61 67 65 3d 74 7c 7c 22 22 7d 66 75 6e 63 74 69 6f 6e 20 76 28 69 29 7b 76 61 72 20 61 3d 74 68 69 73 3b 72 65 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: id r.call(e,function(e){t(n,e)},function(e){i[n]={status:"rejected",reason:e},0==--a&&o(i)})}i[n]={status:"fulfilled",value:e},0==--a&&o(i)}(t,i[t])})}function m(e,t){this.name="AggregateError",this.errors=e,this.message=t||""}function v(i){var a=this;ret
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC16384INData Raw: 72 43 61 73 65 28 29 7d 66 75 6e 63 74 69 6f 6e 20 57 28 74 2c 65 29 7b 76 61 72 20 6e 3d 65 2e 64 6f 63 2c 72 3d 65 2e 6d 61 70 2c 6f 3d 65 2e 62 6c 6f 63 6b 43 6c 61 73 73 2c 69 3d 65 2e 62 6c 6f 63 6b 53 65 6c 65 63 74 6f 72 2c 61 3d 65 2e 6d 61 73 6b 54 65 78 74 43 6c 61 73 73 2c 73 3d 65 2e 6d 61 73 6b 54 65 78 74 53 65 6c 65 63 74 6f 72 2c 63 3d 65 2e 73 6b 69 70 43 68 69 6c 64 2c 63 3d 76 6f 69 64 20 30 21 3d 3d 63 26 26 63 2c 6c 3d 65 2e 69 6e 6c 69 6e 65 53 74 79 6c 65 73 68 65 65 74 2c 75 3d 76 6f 69 64 20 30 3d 3d 3d 6c 7c 7c 6c 2c 6c 3d 65 2e 6d 61 73 6b 49 6e 70 75 74 4f 70 74 69 6f 6e 73 2c 64 3d 76 6f 69 64 20 30 3d 3d 3d 6c 3f 7b 7d 3a 6c 2c 66 3d 65 2e 6d 61 73 6b 54 65 78 74 46 6e 2c 70 3d 65 2e 6d 61 73 6b 49 6e 70 75 74 46 6e 2c 68 3d
                                                                                                                                                                                                                                                                                                                                  Data Ascii: rCase()}function W(t,e){var n=e.doc,r=e.map,o=e.blockClass,i=e.blockSelector,a=e.maskTextClass,s=e.maskTextSelector,c=e.skipChild,c=void 0!==c&&c,l=e.inlineStylesheet,u=void 0===l||l,l=e.maskInputOptions,d=void 0===l?{}:l,f=e.maskTextFn,p=e.maskInputFn,h=
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC14808INData Raw: 2e 73 68 61 64 6f 77 52 6f 6f 74 2e 66 69 72 73 74 43 68 69 6c 64 3b 29 70 2e 73 68 61 64 6f 77 52 6f 6f 74 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 70 2e 73 68 61 64 6f 77 52 6f 6f 74 2e 66 69 72 73 74 43 68 69 6c 64 29 3b 65 6c 73 65 20 70 2e 61 74 74 61 63 68 53 68 61 64 6f 77 28 7b 6d 6f 64 65 3a 22 6f 70 65 6e 22 7d 29 3b 72 65 74 75 72 6e 20 70 3b 63 61 73 65 20 4e 2e 54 65 78 74 3a 72 65 74 75 72 6e 20 6c 2e 63 72 65 61 74 65 54 65 78 74 4e 6f 64 65 28 63 2e 69 73 53 74 79 6c 65 26 26 75 3f 6b 28 63 2e 74 65 78 74 43 6f 6e 74 65 6e 74 2c 64 29 3a 63 2e 74 65 78 74 43 6f 6e 74 65 6e 74 29 3b 63 61 73 65 20 4e 2e 43 44 41 54 41 3a 72 65 74 75 72 6e 20 6c 2e 63 72 65 61 74 65 43 44 41 54 41 53 65 63 74 69 6f 6e 28 63 2e 74 65 78 74 43 6f 6e 74 65 6e 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: .shadowRoot.firstChild;)p.shadowRoot.removeChild(p.shadowRoot.firstChild);else p.attachShadow({mode:"open"});return p;case N.Text:return l.createTextNode(c.isStyle&&u?k(c.textContent,d):c.textContent);case N.CDATA:return l.createCDATASection(c.textContent
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC16384INData Raw: 20 79 3d 69 2e 67 65 74 28 76 29 3b 69 66 28 79 26 26 28 70 3d 62 2e 6d 69 72 72 6f 72 2e 67 65 74 49 64 28 79 2e 76 61 6c 75 65 2e 70 61 72 65 6e 74 4e 6f 64 65 29 2c 68 3d 61 28 79 2e 76 61 6c 75 65 29 2c 2d 31 21 3d 3d 70 29 26 26 2d 31 21 3d 3d 68 29 7b 6d 3d 79 3b 62 72 65 61 6b 7d 7d 69 66 28 21 6d 29 7b 66 6f 72 28 3b 69 2e 68 65 61 64 3b 29 69 2e 72 65 6d 6f 76 65 4e 6f 64 65 28 69 2e 68 65 61 64 2e 76 61 6c 75 65 29 3b 62 72 65 61 6b 7d 66 3d 6d 2e 70 72 65 76 69 6f 75 73 2c 69 2e 72 65 6d 6f 76 65 4e 6f 64 65 28 6d 2e 76 61 6c 75 65 29 2c 72 28 6d 2e 76 61 6c 75 65 29 7d 76 61 72 20 67 3d 7b 74 65 78 74 73 3a 62 2e 74 65 78 74 73 2e 6d 61 70 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 7b 69 64 3a 62 2e 6d 69 72 72 6f 72 2e 67 65 74
                                                                                                                                                                                                                                                                                                                                  Data Ascii: y=i.get(v);if(y&&(p=b.mirror.getId(y.value.parentNode),h=a(y.value),-1!==p)&&-1!==h){m=y;break}}if(!m){for(;i.head;)i.removeNode(i.head.value);break}f=m.previous,i.removeNode(m.value),r(m.value)}var g={texts:b.texts.map(function(e){return{id:b.mirror.get
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC16384INData Raw: 79 3a 69 2c 61 72 67 73 3a 5b 65 5d 2c 73 65 74 74 65 72 3a 21 30 7d 29 7d 7d 29 3b 6e 2e 70 75 73 68 28 74 29 7d 7d 28 69 2e 76 61 6c 75 65 29 7d 63 61 74 63 68 28 61 29 7b 65 3d 7b 65 72 72 6f 72 3a 61 7d 7d 66 69 6e 61 6c 6c 79 7b 74 72 79 7b 69 26 26 21 69 2e 64 6f 6e 65 26 26 28 74 3d 6f 2e 72 65 74 75 72 6e 29 26 26 74 2e 63 61 6c 6c 28 6f 29 7d 66 69 6e 61 6c 6c 79 7b 69 66 28 65 29 74 68 72 6f 77 20 65 2e 65 72 72 6f 72 7d 7d 72 65 74 75 72 6e 20 6e 7d 6f 2e 70 72 6f 74 6f 74 79 70 65 2e 72 65 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 70 65 6e 64 69 6e 67 43 61 6e 76 61 73 4d 75 74 61 74 69 6f 6e 73 2e 63 6c 65 61 72 28 29 2c 74 68 69 73 2e 72 65 73 65 74 4f 62 73 65 72 76 65 72 73 26 26 74 68 69 73 2e 72 65 73 65 74 4f 62 73 65
                                                                                                                                                                                                                                                                                                                                  Data Ascii: y:i,args:[e],setter:!0})}});n.push(t)}}(i.value)}catch(a){e={error:a}}finally{try{i&&!i.done&&(t=o.return)&&t.call(o)}finally{if(e)throw e.error}}return n}o.prototype.reset=function(){this.pendingCanvasMutations.clear(),this.resetObservers&&this.resetObse
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC16384INData Raw: 74 69 6f 6e 73 2e 73 70 6c 69 63 65 28 74 2c 30 2c 65 29 7d 2c 63 2e 70 72 6f 74 6f 74 79 70 65 2e 61 64 64 41 63 74 69 6f 6e 73 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 68 69 73 2e 61 63 74 69 6f 6e 73 3d 74 68 69 73 2e 61 63 74 69 6f 6e 73 2e 63 6f 6e 63 61 74 28 65 29 7d 2c 63 2e 70 72 6f 74 6f 74 79 70 65 2e 73 74 61 72 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 74 69 6d 65 4f 66 66 73 65 74 3d 30 3b 76 61 72 20 72 3d 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 28 29 2c 6f 3d 74 68 69 73 2e 61 63 74 69 6f 6e 73 2c 69 3d 74 68 69 73 3b 74 68 69 73 2e 72 61 66 3d 72 65 71 75 65 73 74 41 6e 69 6d 61 74 69 6f 6e 46 72 61 6d 65 28 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 76 61 72 20 74 3d 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 28 29 3b 66
                                                                                                                                                                                                                                                                                                                                  Data Ascii: tions.splice(t,0,e)},c.prototype.addActions=function(e){this.actions=this.actions.concat(e)},c.prototype.start=function(){this.timeOffset=0;var r=performance.now(),o=this.actions,i=this;this.raf=requestAnimationFrame(function e(){var t=performance.now();f
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC16384INData Raw: 6e 2e 6e 65 78 74 28 29 3b 21 72 2e 64 6f 6e 65 3b 72 3d 6e 2e 6e 65 78 74 28 29 29 72 2e 76 61 6c 75 65 2e 68 61 6e 64 6c 65 72 28 61 2c 73 2c 7b 72 65 70 6c 61 79 65 72 3a 6c 7d 29 7d 63 61 74 63 68 28 65 29 7b 74 3d 7b 65 72 72 6f 72 3a 65 7d 7d 66 69 6e 61 6c 6c 79 7b 74 72 79 7b 72 26 26 21 72 2e 64 6f 6e 65 26 26 28 65 3d 6e 2e 72 65 74 75 72 6e 29 26 26 65 2e 63 61 6c 6c 28 6e 29 7d 66 69 6e 61 6c 6c 79 7b 69 66 28 74 29 74 68 72 6f 77 20 74 2e 65 72 72 6f 72 7d 7d 6c 2e 73 65 72 76 69 63 65 2e 73 65 6e 64 28 7b 74 79 70 65 3a 22 43 41 53 54 5f 45 56 45 4e 54 22 2c 70 61 79 6c 6f 61 64 3a 7b 65 76 65 6e 74 3a 61 7d 7d 29 3b 76 61 72 20 6f 2c 69 3d 6c 2e 73 65 72 76 69 63 65 2e 73 74 61 74 65 2e 63 6f 6e 74 65 78 74 2e 65 76 65 6e 74 73 2e 6c 65 6e
                                                                                                                                                                                                                                                                                                                                  Data Ascii: n.next();!r.done;r=n.next())r.value.handler(a,s,{replayer:l})}catch(e){t={error:e}}finally{try{r&&!r.done&&(e=n.return)&&e.call(n)}finally{if(t)throw t.error}}l.service.send({type:"CAST_EVENT",payload:{event:a}});var o,i=l.service.state.context.events.len
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC15726INData Raw: 74 79 6c 65 2e 73 65 74 50 72 6f 70 65 72 74 79 28 6f 2c 69 29 29 7d 7d 7d 29 7d 2c 64 2e 70 72 6f 74 6f 74 79 70 65 2e 61 70 70 6c 79 53 63 72 6f 6c 6c 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 74 68 69 73 2e 6d 69 72 72 6f 72 2e 67 65 74 4e 6f 64 65 28 65 2e 69 64 29 3b 69 66 28 21 6e 29 72 65 74 75 72 6e 20 74 68 69 73 2e 64 65 62 75 67 4e 6f 64 65 4e 6f 74 46 6f 75 6e 64 28 65 2c 65 2e 69 64 29 3b 69 66 28 6e 3d 3d 3d 74 68 69 73 2e 69 66 72 61 6d 65 2e 63 6f 6e 74 65 6e 74 44 6f 63 75 6d 65 6e 74 29 74 68 69 73 2e 69 66 72 61 6d 65 2e 63 6f 6e 74 65 6e 74 57 69 6e 64 6f 77 2e 73 63 72 6f 6c 6c 54 6f 28 7b 74 6f 70 3a 65 2e 79 2c 6c 65 66 74 3a 65 2e 78 2c 62 65 68 61 76 69 6f 72 3a 74 3f 22 61 75 74 6f 22 3a 22 73 6d 6f 6f 74 68
                                                                                                                                                                                                                                                                                                                                  Data Ascii: tyle.setProperty(o,i))}}})},d.prototype.applyScroll=function(e,t){var n=this.mirror.getNode(e.id);if(!n)return this.debugNodeNotFound(e,e.id);if(n===this.iframe.contentDocument)this.iframe.contentWindow.scrollTo({top:e.y,left:e.x,behavior:t?"auto":"smooth


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  136192.168.2.7499033.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC1803OUTGET /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC268INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: undefined
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:07 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  137192.168.2.74991031.13.70.364437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC1035OUTGET /privacy_sandbox/pixel/register/trigger/?id=1444093252502226&ev=PageView&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713915003482&sw=1280&sh=1024&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.1.1713914994453.110516813&cs_est=true&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=FGET HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.facebook.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Attribution-Reporting-Eligible: trigger, event-source;navigation-source
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC948INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/png
                                                                                                                                                                                                                                                                                                                                  reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
                                                                                                                                                                                                                                                                                                                                  report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC1903INData Raw: 63 6f 6e 74 65 6e 74 2d 73 65 63 75 72 69 74 79 2d 70 6f 6c 69 63 79 3a 20 64 65 66 61 75 6c 74 2d 73 72 63 20 64 61 74 61 3a 20 62 6c 6f 62 3a 20 27 73 65 6c 66 27 20 68 74 74 70 73 3a 2f 2f 2a 2e 66 62 73 62 78 2e 63 6f 6d 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 20 2a 2e 66 62 63 64 6e 2e 6e 65 74 20 27 75 6e 73 61 66 65 2d 65 76 61 6c 27 3b 73 63 72 69 70 74 2d 73 72 63 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 20 2a 2e 66 62 63 64 6e 2e 6e 65 74 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 6e 65 74 20 31 32 37 2e 30 2e 30 2e 31 3a 2a 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 62 6c 6f 62 3a 20 64 61 74 61 3a 20 27 73 65 6c 66 27 20 63 6f 6e 6e 65 63 74 2e 66 61 63 65 62 6f 6f 6b 2e 6e 65 74 20 27
                                                                                                                                                                                                                                                                                                                                  Data Ascii: content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net '
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC1580INData Raw: 70 65 72 6d 69 73 73 69 6f 6e 73 2d 70 6f 6c 69 63 79 3a 20 61 63 63 65 6c 65 72 6f 6d 65 74 65 72 3d 28 29 2c 20 61 74 74 72 69 62 75 74 69 6f 6e 2d 72 65 70 6f 72 74 69 6e 67 3d 28 73 65 6c 66 29 2c 20 61 75 74 6f 70 6c 61 79 3d 28 29 2c 20 62 6c 75 65 74 6f 6f 74 68 3d 28 29 2c 20 63 61 6d 65 72 61 3d 28 73 65 6c 66 29 2c 20 63 68 2d 64 65 76 69 63 65 2d 6d 65 6d 6f 72 79 3d 28 29 2c 20 63 68 2d 64 6f 77 6e 6c 69 6e 6b 3d 28 29 2c 20 63 68 2d 64 70 72 3d 28 29 2c 20 63 68 2d 65 63 74 3d 28 29 2c 20 63 68 2d 72 74 74 3d 28 29 2c 20 63 68 2d 73 61 76 65 2d 64 61 74 61 3d 28 29 2c 20 63 68 2d 75 61 2d 61 72 63 68 3d 28 29 2c 20 63 68 2d 75 61 2d 62 69 74 6e 65 73 73 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 74 2d 68 65 69 67 68 74 3d 28 29 2c 20 63 68
                                                                                                                                                                                                                                                                                                                                  Data Ascii: permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC69INData Raw: 34 33 0d 0a 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 01 00 00 00 01 08 04 00 00 00 b5 1c 0c 02 00 00 00 0a 49 44 41 54 78 9c 63 00 01 00 00 05 00 01 0d 0a 2d b4 00 00 00 00 49 45 4e 44 ae 42
                                                                                                                                                                                                                                                                                                                                  Data Ascii: 43PNGIHDRIDATxc-IENDB
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC9INData Raw: 60 82 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: `0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  138192.168.2.74990852.200.154.954437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC700OUTGET /_/ad/f3942e2f1f7d449b81784d171e274880/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: q.quora.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC374INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:07 GMT
                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  X-Q-Stat: ,3c1abe190c1b6a7a3d8d21b381008f18,10.0.0.98,40134,154.16.105.36,,360408540603,1,1713915007.828,0.002,,.,0,0,0.000,0.004,-,0,0,203,252,126,10,26847,,,,,,-,
                                                                                                                                                                                                                                                                                                                                  Content-Length: 43
                                                                                                                                                                                                                                                                                                                                  Connection: Close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  139192.168.2.74991531.13.70.364437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:07 UTC690OUTGET /tr/?id=1444093252502226&ev=PageView&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713915003482&sw=1280&sh=1024&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.1.1713914994453.110516813&cs_est=true&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=GET HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.facebook.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC469INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin:
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                                                                  cross-origin-resource-policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Server: proxygen-bolt
                                                                                                                                                                                                                                                                                                                                  X-FB-Connection-Quality: MODERATE; q=0.3, rtt=159, rtx=0, c=10, mss=1277, tbw=3402, tp=-1, tpl=-1, uplat=0, ullat=0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:08 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  140192.168.2.74992031.13.70.364437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC727OUTGET /privacy_sandbox/pixel/register/trigger/?id=1444093252502226&ev=PageView&dl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&rl=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&if=false&ts=1713915003482&sw=1280&sh=1024&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.1.1713914994453.110516813&cs_est=true&ler=empty&cdl=API_unavailable&it=1713914999827&coo=false&rqm=FGET HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.facebook.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC900INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
                                                                                                                                                                                                                                                                                                                                  report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC1903INData Raw: 63 6f 6e 74 65 6e 74 2d 73 65 63 75 72 69 74 79 2d 70 6f 6c 69 63 79 3a 20 64 65 66 61 75 6c 74 2d 73 72 63 20 64 61 74 61 3a 20 62 6c 6f 62 3a 20 27 73 65 6c 66 27 20 68 74 74 70 73 3a 2f 2f 2a 2e 66 62 73 62 78 2e 63 6f 6d 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 20 2a 2e 66 62 63 64 6e 2e 6e 65 74 20 27 75 6e 73 61 66 65 2d 65 76 61 6c 27 3b 73 63 72 69 70 74 2d 73 72 63 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 20 2a 2e 66 62 63 64 6e 2e 6e 65 74 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 6e 65 74 20 31 32 37 2e 30 2e 30 2e 31 3a 2a 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 62 6c 6f 62 3a 20 64 61 74 61 3a 20 27 73 65 6c 66 27 20 63 6f 6e 6e 65 63 74 2e 66 61 63 65 62 6f 6f 6b 2e 6e 65 74 20 27
                                                                                                                                                                                                                                                                                                                                  Data Ascii: content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net '
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC1613INData Raw: 70 65 72 6d 69 73 73 69 6f 6e 73 2d 70 6f 6c 69 63 79 3a 20 61 63 63 65 6c 65 72 6f 6d 65 74 65 72 3d 28 29 2c 20 61 74 74 72 69 62 75 74 69 6f 6e 2d 72 65 70 6f 72 74 69 6e 67 3d 28 73 65 6c 66 29 2c 20 61 75 74 6f 70 6c 61 79 3d 28 29 2c 20 62 6c 75 65 74 6f 6f 74 68 3d 28 29 2c 20 63 61 6d 65 72 61 3d 28 73 65 6c 66 29 2c 20 63 68 2d 64 65 76 69 63 65 2d 6d 65 6d 6f 72 79 3d 28 29 2c 20 63 68 2d 64 6f 77 6e 6c 69 6e 6b 3d 28 29 2c 20 63 68 2d 64 70 72 3d 28 29 2c 20 63 68 2d 65 63 74 3d 28 29 2c 20 63 68 2d 72 74 74 3d 28 29 2c 20 63 68 2d 73 61 76 65 2d 64 61 74 61 3d 28 29 2c 20 63 68 2d 75 61 2d 61 72 63 68 3d 28 29 2c 20 63 68 2d 75 61 2d 62 69 74 6e 65 73 73 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 74 2d 68 65 69 67 68 74 3d 28 29 2c 20 63 68
                                                                                                                                                                                                                                                                                                                                  Data Ascii: permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  141192.168.2.74992352.200.154.954437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC465OUTGET /_/ad/f3942e2f1f7d449b81784d171e274880/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: q.quora.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC374INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:08 GMT
                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                  X-Q-Stat: ,e5d54d0fe5febf0f4aa8520861b596b2,10.0.0.98,40992,154.16.105.36,,231485451822,1,1713915008.890,0.002,,.,0,0,0.000,0.000,-,0,0,203,206,103,10,34729,,,,,,-,
                                                                                                                                                                                                                                                                                                                                  Content-Length: 43
                                                                                                                                                                                                                                                                                                                                  Connection: Close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  142192.168.2.749924104.244.42.694437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC942OUTGET /i/adsct?bci=3&eci=2&event_id=36b4f4d4-fcfc-4db7-bd89-13f79635ad81&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nurcc&type=javascript&version=2.3.30 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: t.co
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC551INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  date: Tue, 23 Apr 2024 23:30:08 GMT
                                                                                                                                                                                                                                                                                                                                  perf: 7402827104
                                                                                                                                                                                                                                                                                                                                  server: tsa_p
                                                                                                                                                                                                                                                                                                                                  set-cookie: muc_ads=3abd0117-8616-47bc-b0c5-4851d8992a3b; Max-Age=63072000; Expires=Thu, 23 Apr 2026 23:30:08 GMT; Path=/; Domain=t.co; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                                  content-type: image/gif;charset=utf-8
                                                                                                                                                                                                                                                                                                                                  cache-control: no-cache, no-store, max-age=0
                                                                                                                                                                                                                                                                                                                                  content-length: 43
                                                                                                                                                                                                                                                                                                                                  x-transaction-id: e2fbfc5d0f4e6f13
                                                                                                                                                                                                                                                                                                                                  strict-transport-security: max-age=0
                                                                                                                                                                                                                                                                                                                                  x-response-time: 4
                                                                                                                                                                                                                                                                                                                                  x-connection-hash: a7ce07c1253b750ab1e4a6dbc4b0393503f35f0fb7dc20aabc02e24bbe22a5f9
                                                                                                                                                                                                                                                                                                                                  connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 09 00 00 01 00 2c 00 00 00 00 01 00 01 00 00 02 02 4c 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,L;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  143192.168.2.749925104.244.42.694437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC942OUTGET /i/adsct?bci=3&eci=2&event_id=5e062168-5662-416c-a314-a9a718dcb2e9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcii&type=javascript&version=2.3.30 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: t.co
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC551INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  date: Tue, 23 Apr 2024 23:30:08 GMT
                                                                                                                                                                                                                                                                                                                                  perf: 7402827104
                                                                                                                                                                                                                                                                                                                                  server: tsa_p
                                                                                                                                                                                                                                                                                                                                  set-cookie: muc_ads=2564eebd-51b1-4e03-af7f-2c96a59d2ba3; Max-Age=63072000; Expires=Thu, 23 Apr 2026 23:30:08 GMT; Path=/; Domain=t.co; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                                  content-type: image/gif;charset=utf-8
                                                                                                                                                                                                                                                                                                                                  cache-control: no-cache, no-store, max-age=0
                                                                                                                                                                                                                                                                                                                                  content-length: 43
                                                                                                                                                                                                                                                                                                                                  x-transaction-id: 416425909399efd7
                                                                                                                                                                                                                                                                                                                                  strict-transport-security: max-age=0
                                                                                                                                                                                                                                                                                                                                  x-response-time: 5
                                                                                                                                                                                                                                                                                                                                  x-connection-hash: 013b0fc2721c46f98573bf2cca5a20e3fb5088849ec9e369cbbd80c9be241168
                                                                                                                                                                                                                                                                                                                                  connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 09 00 00 01 00 2c 00 00 00 00 01 00 01 00 00 02 02 4c 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,L;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  144192.168.2.749927104.244.42.1314437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC959OUTGET /i/adsct?bci=3&eci=2&event_id=36b4f4d4-fcfc-4db7-bd89-13f79635ad81&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nurcc&type=javascript&version=2.3.30 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: analytics.twitter.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC571INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  date: Tue, 23 Apr 2024 23:30:08 GMT
                                                                                                                                                                                                                                                                                                                                  perf: 7402827104
                                                                                                                                                                                                                                                                                                                                  server: tsa_p
                                                                                                                                                                                                                                                                                                                                  set-cookie: personalization_id="v1_VKT6toCZV7gBM4gxlYfjrQ=="; Max-Age=63072000; Expires=Thu, 23 Apr 2026 23:30:08 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                                  content-type: image/gif;charset=utf-8
                                                                                                                                                                                                                                                                                                                                  cache-control: no-cache, no-store, max-age=0
                                                                                                                                                                                                                                                                                                                                  content-length: 43
                                                                                                                                                                                                                                                                                                                                  x-transaction-id: 41515ca86d5e3318
                                                                                                                                                                                                                                                                                                                                  strict-transport-security: max-age=631138519
                                                                                                                                                                                                                                                                                                                                  x-response-time: 5
                                                                                                                                                                                                                                                                                                                                  x-connection-hash: d1f07dbc7b22c2a56a7c39890973f79cec730f0001f66033b3c3c02cce262448
                                                                                                                                                                                                                                                                                                                                  connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 09 00 00 01 00 2c 00 00 00 00 01 00 01 00 00 02 02 4c 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,L;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  145192.168.2.7499193.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC1803OUTGET /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC268INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: undefined
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:08 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  146192.168.2.749928104.244.42.1314437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC959OUTGET /i/adsct?bci=3&eci=2&event_id=5e062168-5662-416c-a314-a9a718dcb2e9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcii&type=javascript&version=2.3.30 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: analytics.twitter.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC571INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  date: Tue, 23 Apr 2024 23:30:08 GMT
                                                                                                                                                                                                                                                                                                                                  perf: 7402827104
                                                                                                                                                                                                                                                                                                                                  server: tsa_p
                                                                                                                                                                                                                                                                                                                                  set-cookie: personalization_id="v1_cReNRV+lMPRPVyw8C6pyMA=="; Max-Age=63072000; Expires=Thu, 23 Apr 2026 23:30:09 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                                  content-type: image/gif;charset=utf-8
                                                                                                                                                                                                                                                                                                                                  cache-control: no-cache, no-store, max-age=0
                                                                                                                                                                                                                                                                                                                                  content-length: 43
                                                                                                                                                                                                                                                                                                                                  x-transaction-id: 98c69136e89b7ce2
                                                                                                                                                                                                                                                                                                                                  strict-transport-security: max-age=631138519
                                                                                                                                                                                                                                                                                                                                  x-response-time: 6
                                                                                                                                                                                                                                                                                                                                  x-connection-hash: 0fb601175b3cefa23ba78dfd6a826a176221245450c18727f5a7fcac1f7d0abd
                                                                                                                                                                                                                                                                                                                                  connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 09 00 00 01 00 2c 00 00 00 00 01 00 01 00 00 02 02 4c 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,L;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  147192.168.2.74991834.245.244.1464437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:08 UTC1044OUTGET /img/beacon.gif?id=54328dddabe53db9497b23c6&sAW=1280&sAH=984&bIW=1034&bIH=870&pD=24&dPR=1&or=landscape-primary&nT=1&rC=0&nS=0&cS=13&cE=434&dLE=13&dLS=13&fS=4&hS=14&rE=-1&rS=-1&reS=434&resS=1091&resE=1520&uEE=1137&uES=1137&dL=1156&dI=1751&dCLES=1751&dCLEE=1754&dC=8300&lES=8308&lEE=8310&s=nt&title=First%20run&path=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&sId=zaewourn&sST=1713915006&sIS=1&rV=0&v=1.4.1 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: rum-collector-2.pingdom.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC208INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:09 GMT
                                                                                                                                                                                                                                                                                                                                  Expires: 0
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Connection: Close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  148192.168.2.749929142.250.141.1064437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC803OUTGET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111455-1&cid=925834404.1713914987&jid=1790868512&_u=SDCACEABBAAAACAFKC~&z=1680824539 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.google.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC539INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:09 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  149192.168.2.749930142.250.141.1064437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC805OUTGET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111455-74&cid=925834404.1713914987&jid=2072956638&_u=SDCACEABBAAAACAFKCC~&z=1106341662 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.google.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC539INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:09 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  150192.168.2.749932104.244.42.694437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC761OUTGET /i/adsct?bci=3&eci=2&event_id=36b4f4d4-fcfc-4db7-bd89-13f79635ad81&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nurcc&type=javascript&version=2.3.30 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: t.co
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: muc_ads=3abd0117-8616-47bc-b0c5-4851d8992a3b
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC392INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  date: Tue, 23 Apr 2024 23:30:09 GMT
                                                                                                                                                                                                                                                                                                                                  perf: 7402827104
                                                                                                                                                                                                                                                                                                                                  server: tsa_p
                                                                                                                                                                                                                                                                                                                                  content-type: image/gif;charset=utf-8
                                                                                                                                                                                                                                                                                                                                  cache-control: no-cache, no-store, max-age=0
                                                                                                                                                                                                                                                                                                                                  content-length: 43
                                                                                                                                                                                                                                                                                                                                  x-transaction-id: d056fd2d1427faea
                                                                                                                                                                                                                                                                                                                                  strict-transport-security: max-age=0
                                                                                                                                                                                                                                                                                                                                  x-response-time: 5
                                                                                                                                                                                                                                                                                                                                  x-connection-hash: 91749a9fdd843476250c8b4d3ad221eaae9bf2697c08f5deedc74afcbf1777f4
                                                                                                                                                                                                                                                                                                                                  connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 09 00 00 01 00 2c 00 00 00 00 01 00 01 00 00 02 02 4c 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,L;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  151192.168.2.749933104.244.42.694437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC761OUTGET /i/adsct?bci=3&eci=2&event_id=5e062168-5662-416c-a314-a9a718dcb2e9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcii&type=javascript&version=2.3.30 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: t.co
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: muc_ads=2564eebd-51b1-4e03-af7f-2c96a59d2ba3
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC392INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  date: Tue, 23 Apr 2024 23:30:09 GMT
                                                                                                                                                                                                                                                                                                                                  perf: 7402827104
                                                                                                                                                                                                                                                                                                                                  server: tsa_p
                                                                                                                                                                                                                                                                                                                                  content-type: image/gif;charset=utf-8
                                                                                                                                                                                                                                                                                                                                  cache-control: no-cache, no-store, max-age=0
                                                                                                                                                                                                                                                                                                                                  content-length: 43
                                                                                                                                                                                                                                                                                                                                  x-transaction-id: 791b0e83765ae0b2
                                                                                                                                                                                                                                                                                                                                  strict-transport-security: max-age=0
                                                                                                                                                                                                                                                                                                                                  x-response-time: 5
                                                                                                                                                                                                                                                                                                                                  x-connection-hash: 440e71e221b4c120d38c3ce0b0479541e6cc668d4ec65c73625e8035a572d1a4
                                                                                                                                                                                                                                                                                                                                  connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 09 00 00 01 00 2c 00 00 00 00 01 00 01 00 00 02 02 4c 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,L;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  152192.168.2.749935104.244.42.1314437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC782OUTGET /i/adsct?bci=3&eci=2&event_id=36b4f4d4-fcfc-4db7-bd89-13f79635ad81&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nurcc&type=javascript&version=2.3.30 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: analytics.twitter.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: personalization_id="v1_VKT6toCZV7gBM4gxlYfjrQ=="
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC400INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  date: Tue, 23 Apr 2024 23:30:09 GMT
                                                                                                                                                                                                                                                                                                                                  perf: 7402827104
                                                                                                                                                                                                                                                                                                                                  server: tsa_p
                                                                                                                                                                                                                                                                                                                                  content-type: image/gif;charset=utf-8
                                                                                                                                                                                                                                                                                                                                  cache-control: no-cache, no-store, max-age=0
                                                                                                                                                                                                                                                                                                                                  content-length: 43
                                                                                                                                                                                                                                                                                                                                  x-transaction-id: 9d087c472eddc8cd
                                                                                                                                                                                                                                                                                                                                  strict-transport-security: max-age=631138519
                                                                                                                                                                                                                                                                                                                                  x-response-time: 6
                                                                                                                                                                                                                                                                                                                                  x-connection-hash: 1d001534c35d6b6d98a97bbc35cf3aa3e29fdde897bf450fd3639f40debecc13
                                                                                                                                                                                                                                                                                                                                  connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 09 00 00 01 00 2c 00 00 00 00 01 00 01 00 00 02 02 4c 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,L;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  153192.168.2.749934104.244.42.1314437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC782OUTGET /i/adsct?bci=3&eci=2&event_id=5e062168-5662-416c-a314-a9a718dcb2e9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9302dcdc-8363-4b82-9a49-9b54042acc7e&tw_document_href=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcii&type=javascript&version=2.3.30 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: analytics.twitter.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: personalization_id="v1_cReNRV+lMPRPVyw8C6pyMA=="
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC400INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  date: Tue, 23 Apr 2024 23:30:09 GMT
                                                                                                                                                                                                                                                                                                                                  perf: 7402827104
                                                                                                                                                                                                                                                                                                                                  server: tsa_p
                                                                                                                                                                                                                                                                                                                                  content-type: image/gif;charset=utf-8
                                                                                                                                                                                                                                                                                                                                  cache-control: no-cache, no-store, max-age=0
                                                                                                                                                                                                                                                                                                                                  content-length: 43
                                                                                                                                                                                                                                                                                                                                  x-transaction-id: 3d28a139e107958f
                                                                                                                                                                                                                                                                                                                                  strict-transport-security: max-age=631138519
                                                                                                                                                                                                                                                                                                                                  x-response-time: 5
                                                                                                                                                                                                                                                                                                                                  x-connection-hash: 409f6bb720ad166ade03556f3e9755c3a9f0e4843a7392437519d8f71be8e94a
                                                                                                                                                                                                                                                                                                                                  connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:09 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 09 00 00 01 00 2c 00 00 00 00 01 00 01 00 00 02 02 4c 01 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,L;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  154192.168.2.749937142.250.141.1044437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:10 UTC568OUTGET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111455-1&cid=925834404.1713914987&jid=1790868512&_u=SDCACEABBAAAACAFKC~&z=1680824539 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.google.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:10 UTC539INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:10 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:10 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  155192.168.2.749939142.250.141.1044437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:10 UTC570OUTGET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111455-74&cid=925834404.1713914987&jid=2072956638&_u=SDCACEABBAAAACAFKCC~&z=1106341662 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.google.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlqHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:10 UTC539INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:10 GMT
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:10 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  156192.168.2.74993834.240.56.2204437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:10 UTC840OUTGET /img/beacon.gif?id=54328dddabe53db9497b23c6&sAW=1280&sAH=984&bIW=1034&bIH=870&pD=24&dPR=1&or=landscape-primary&nT=1&rC=0&nS=0&cS=13&cE=434&dLE=13&dLS=13&fS=4&hS=14&rE=-1&rS=-1&reS=434&resS=1091&resE=1520&uEE=1137&uES=1137&dL=1156&dI=1751&dCLES=1751&dCLEE=1754&dC=8300&lES=8308&lEE=8310&s=nt&title=First%20run&path=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&ref=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&sId=zaewourn&sST=1713915006&sIS=1&rV=0&v=1.4.1 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: rum-collector-2.pingdom.net
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:10 UTC208INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:10 GMT
                                                                                                                                                                                                                                                                                                                                  Expires: 0
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Connection: Close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  157192.168.2.74994150.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:11 UTC2657OUTGET /favicon.ico?v=rebv1 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/download/fiddler/first-run
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; ki_r=; sf-ins-pv-id=eef0eedd-b11e-465f-ae5a-179b4f5e0fb9; sid=/pU34nM7xcF1a1i8u1OTxx/5J7bGqqAKXB2hXQOSALC5RJ2vae2gTRMWBg3kyy445Vdm0qRGnvVHMEEoR6SE1I1o0VOa/z9xqn/whm5Vqb40haS8tZDTwRx1NODFFQTPT3eFyQBOkyaTEQw3mN7RJIPVp00=; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _clck=1wlli9p%7C2%7Cfl6%7C0%7C1574; _clsk=eu7kl0%7C1713915002285%7C1%7C1%7Cd.clarity.ms%2Fcollect; ki_t=1713914995146%3B1713914995146%3B1713915003452%3B1%3B2; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:11 UTC506INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=2678400
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/x-icon
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Wed, 03 Apr 2024 09:36:44 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  ETag: "0de8b70aa85da1:0"
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:10 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 21142
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:11 UTC15878INData Raw: 00 00 01 00 04 00 00 00 00 00 01 00 20 00 98 17 00 00 46 00 00 00 10 10 00 00 01 00 20 00 68 04 00 00 de 17 00 00 20 20 00 00 01 00 20 00 a8 10 00 00 46 1c 00 00 30 30 00 00 01 00 20 00 a8 25 00 00 ee 2c 00 00 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 00 00 00 01 00 08 06 00 00 00 5c 72 a8 66 00 00 17 5f 49 44 41 54 78 9c ed 9d 79 dc 9e e3 95 c7 4f aa 54 85 b4 68 69 6a 69 c4 d2 0a 51 d5 b1 2f b1 54 33 68 3b 96 5a aa d5 aa 9d 62 c4 0c 52 aa d6 aa 41 a4 a5 44 45 69 ab 35 96 22 e8 42 4d 47 82 d0 a2 2a 24 48 67 46 33 8a 31 43 33 98 69 55 8b f4 fc 7a 72 7f f2 92 27 6f 9e fb 79 ae fb 3e d7 f2 fb 7e 3e bf 7f 78 df e7 3e 49 de fb bc d7 b9 ce 36 64 de bc 79 42 08 29 93 b7 78 1b 40 08 f1 e3 ad dd 7c d1 7e 4f 0f 69 da 0e d2 3c 4b a8 f6 52 ed ae fa a0
                                                                                                                                                                                                                                                                                                                                  Data Ascii: F h F00 %,PNGIHDR\rf_IDATxyOThijiQ/T3h;ZbRADEi5"BMG*$HgF31C3iUzr'oy>~>x>I6dyB)x@|~Oi<KR
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:11 UTC1011INData Raw: 00 e4 5c b7 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 5e 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c dd ff ff ff 00 ff ff ff 00 ff ff ff 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 8f 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c b8 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 5e 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c
                                                                                                                                                                                                                                                                                                                                  Data Ascii: \\\\\\^\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\^\\\\\\\\\\
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:11 UTC2896INData Raw: ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c dd ff ff ff 00 ff ff ff 00 ff ff ff 00 00 e4 5c 08 00 e4 5c 57 00 e4 5c e5 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c b2 00 e4 5c 16 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 74 00 e4 5c fc 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c dd ff ff ff 00 ff ff ff 00 ff ff ff 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 5a 00 e4 5c f2 00 e4 5c ff 00 e4 5c ff 00 e4
                                                                                                                                                                                                                                                                                                                                  Data Ascii: \\\\\\\W\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\t\\\\\\\\\\\\\\\\\Z\\\
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:11 UTC1357INData Raw: 00 00 e4 5c 00 ff ff ff 00 ff ff ff 00 ff ff ff 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 7d 00 e4 5c fd 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ee 00 e4 5c 5d 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 ff ff ff 00 ff ff ff 00 ff ff ff 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4
                                                                                                                                                                                                                                                                                                                                  Data Ascii: \\\\\\\\\\\\\\\\\}\\\\\\\\\\\\\\\]\\\\\\\\\\\\\\\\\\\\\\\\\


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  158192.168.2.7499433.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:11 UTC2078OUTPOST /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2165
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:11 UTC2165OUTData Raw: 65 3d 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 66 34 37 38 61 39 64 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 31 30 63 65 36 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63 36 30 34 30 33 30 61 33 35 35 35 35 39 39 37 62 37 36 32 34 66 37 37 62 65 32 36 62 62 32 35 63 62 34 33 65 32 39 32 33 65 66 34 34 63 36 65 61 61 31 33 32 63 37 61 31 34 63 34 35 30 65 61 35 34 65 32 38 35 39 32 39 63 36 38 66 33 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e=37dfbd8ee84e00126bedce34ef478a9d9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:12 UTC282INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:12 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  159192.168.2.74994450.56.19.1124437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:12 UTC2395OUTGET /favicon.ico?v=rebv1 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-tracking-consent=true; sf-prs-ss=638495117894670000; sf-prs-lu=https://www.telerik.com/download/fiddler/first-run; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; elqUserId=a19fc914-6c53-4783-a26e-ba38f50b2a88; _uetsid=62ec1d5001c911ef8802d7a3fb1ea1ce; _uetvid=62ec671001c911ef89dd470cec5d38bd; _fbp=fb.1.1713914994453.110516813; ki_r=; sf-ins-pv-id=eef0eedd-b11e-465f-ae5a-179b4f5e0fb9; sid=/pU34nM7xcF1a1i8u1OTxx/5J7bGqqAKXB2hXQOSALC5RJ2vae2gTRMWBg3kyy445Vdm0qRGnvVHMEEoR6SE1I1o0VOa/z9xqn/whm5Vqb40haS8tZDTwRx1NODFFQTPT3eFyQBOkyaTEQw3mN7RJIPVp00=; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _clck=1wlli9p%7C2%7Cfl6%7C0%7C1574; _clsk=eu7kl0%7C1713915002285%7C1%7C1%7Cd.clarity.ms%2Fcollect; ki_t=1713914995146%3B1713914995146%3B1713915003452%3B1%3B2; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:12 UTC506INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: max-age=2678400
                                                                                                                                                                                                                                                                                                                                  Content-Type: image/x-icon
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Wed, 03 Apr 2024 09:36:44 GMT
                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                  ETag: "0de8b70aa85da1:0"
                                                                                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: http://localconverter.telerik.com
                                                                                                                                                                                                                                                                                                                                  Date: Mon, 02 Dec 2024 23:56:19 GMT
                                                                                                                                                                                                                                                                                                                                  Content-Length: 21142
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:12 UTC961INData Raw: 00 00 01 00 04 00 00 00 00 00 01 00 20 00 98 17 00 00 46 00 00 00 10 10 00 00 01 00 20 00 68 04 00 00 de 17 00 00 20 20 00 00 01 00 20 00 a8 10 00 00 46 1c 00 00 30 30 00 00 01 00 20 00 a8 25 00 00 ee 2c 00 00 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 00 00 00 01 00 08 06 00 00 00 5c 72 a8 66 00 00 17 5f 49 44 41 54 78 9c ed 9d 79 dc 9e e3 95 c7 4f aa 54 85 b4 68 69 6a 69 c4 d2 0a 51 d5 b1 2f b1 54 33 68 3b 96 5a aa d5 aa 9d 62 c4 0c 52 aa d6 aa 41 a4 a5 44 45 69 ab 35 96 22 e8 42 4d 47 82 d0 a2 2a 24 48 67 46 33 8a 31 43 33 98 69 55 8b f4 fc 7a 72 7f f2 92 27 6f 9e fb 79 ae fb 3e d7 f2 fb 7e 3e bf 7f 78 df e7 3e 49 de fb bc d7 b9 ce 36 64 de bc 79 42 08 29 93 b7 78 1b 40 08 f1 e3 ad dd 7c d1 7e 4f 0f 69 da 0e d2 3c 4b a8 f6 52 ed ae fa a0
                                                                                                                                                                                                                                                                                                                                  Data Ascii: F h F00 %,PNGIHDR\rf_IDATxyOThijiQ/T3h;ZbRADEi5"BMG*$HgF31C3iUzr'oy>~>x>I6dyB)x@|~Oi<KR
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:12 UTC16384INData Raw: 67 5b 92 85 21 40 f7 e0 08 7a 82 ea 64 c9 ab 5b 2f 75 10 0e a0 b4 18 65 c5 93 9d 6d 49 0e 3a 80 ee f8 3b d5 44 d5 1a de 86 90 8e a0 db f0 52 d5 17 e6 8b 43 4a bb 84 21 c0 e0 20 0d f5 2f 62 31 27 5f fe f8 c1 d6 63 d4 0c 20 44 63 1a b6 0b e8 00 3a 83 b4 1e e6 f0 cd 52 ed e0 6c 0b a9 cf 3e 62 d3 88 b0 33 81 bb 0d 07 81 21 c0 c2 1c 20 d6 ad 97 d2 1c 3e b2 30 b8 a7 39 43 6c b7 21 ee 09 6e f6 35 27 4e 78 02 58 00 ba f5 90 d6 fb 96 f0 e5 cf 09 74 1b a2 66 e0 67 c2 6e c3 85 a0 03 10 79 b7 58 cc 88 6e 3d a6 f5 f2 65 7b b1 6e 43 a4 0d 39 a4 74 3e 25 87 00 cb 88 cd a8 63 5a af 2c 10 0e ec 27 36 ac f4 0a 67 5b dc 29 f9 04 80 75 56 b9 4d e0 25 dd 81 ca cd cb 55 0f a9 36 75 b6 c5 95 92 1d 00 36 d8 4c f4 36 82 b8 82 b4 e1 cf 55 57 8b d5 12 14 47 c9 0e e0 19 b1 63 e0 48
                                                                                                                                                                                                                                                                                                                                  Data Ascii: g[!@zd[/uemI:;DRCJ! /b1'_c Dc:Rl>b3! >09Cl!n5'NxXtfgnyXn=e{nC9t>%cZ,'6g[)uVM%U6u6L6UWGcH
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:12 UTC2440INData Raw: ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c f5 00 e4 5c 61 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 1e 00 e4 5c c5 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c dd ff ff ff 00 ff ff ff 00 ff ff ff 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 1a 00 e4 5c ba 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c 99 00 e4 5c 07 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4
                                                                                                                                                                                                                                                                                                                                  Data Ascii: \\\\\\\\\a\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:12 UTC1357INData Raw: 00 00 e4 5c 00 ff ff ff 00 ff ff ff 00 ff ff ff 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 7d 00 e4 5c fd 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ff 00 e4 5c ee 00 e4 5c 5d 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 ff ff ff 00 ff ff ff 00 ff ff ff 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4 5c 00 00 e4
                                                                                                                                                                                                                                                                                                                                  Data Ascii: \\\\\\\\\\\\\\\\\}\\\\\\\\\\\\\\\]\\\\\\\\\\\\\\\\\\\\\\\\\


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  160192.168.2.7499453.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:13 UTC1803OUTGET /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:13 UTC268INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: undefined
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:13 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  161192.168.2.7499473.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:16 UTC2078OUTPOST /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2167
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:16 UTC2167OUTData Raw: 65 3d 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 66 34 37 38 61 39 64 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 31 30 63 65 36 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63 36 30 34 30 33 30 61 33 35 35 35 35 39 39 37 62 37 36 32 34 66 37 37 62 65 32 36 62 62 32 35 63 62 34 33 65 32 39 32 33 65 66 34 34 63 36 65 61 61 31 33 32 63 37 61 31 34 63 34 35 30 65 61 35 34 65 32 38 35 39 32 39 63 36 38 66 33 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e=37dfbd8ee84e00126bedce34ef478a9d9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:17 UTC282INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:16 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  162192.168.2.7499483.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:18 UTC1803OUTGET /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:18 UTC268INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: undefined
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:18 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  163192.168.2.7499543.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:30 UTC2078OUTPOST /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2169
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:30 UTC2169OUTData Raw: 65 3d 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 66 34 37 38 61 39 64 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 31 30 63 65 36 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63 36 30 34 30 33 30 61 33 35 35 35 35 39 39 37 62 37 36 32 34 66 37 37 62 65 32 36 62 62 32 35 63 62 34 33 65 32 39 32 33 65 66 34 34 63 36 65 61 61 31 33 32 63 37 61 31 34 63 34 35 30 65 61 35 34 65 32 38 35 39 32 39 63 36 38 66 33 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e=37dfbd8ee84e00126bedce34ef478a9d9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:31 UTC282INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:31 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  164192.168.2.7499533.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:30 UTC2078OUTPOST /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2169
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:30 UTC2169OUTData Raw: 65 3d 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 66 34 37 38 61 39 64 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 31 30 63 65 36 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63 36 30 34 30 33 30 61 33 35 35 35 35 39 39 37 62 37 36 32 34 66 37 37 62 65 32 36 62 62 32 35 63 62 34 33 65 32 39 32 33 65 66 34 34 63 36 65 61 61 31 33 32 63 37 61 31 34 63 34 35 30 65 61 35 34 65 32 38 35 39 32 39 63 36 38 66 33 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e=37dfbd8ee84e00126bedce34ef478a9d9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:31 UTC282INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:31 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  165192.168.2.7499523.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:30 UTC2078OUTPOST /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  Content-Length: 2170
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Referer: https://www.telerik.com/
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:30 UTC2170OUTData Raw: 65 3d 33 37 64 66 62 64 38 65 65 38 34 65 30 30 31 32 36 62 65 64 63 65 33 34 65 66 34 37 38 61 39 64 39 32 32 35 63 32 34 66 35 36 37 64 34 33 64 36 64 61 31 39 30 38 62 65 36 32 34 35 63 61 64 37 62 64 37 30 61 39 37 36 37 31 30 63 65 36 30 65 64 38 39 33 37 33 62 66 65 37 30 65 39 63 32 30 63 31 65 35 33 65 38 64 35 64 31 36 38 62 36 61 32 66 31 37 30 37 31 61 31 30 61 63 66 39 66 32 39 66 36 37 34 64 38 62 38 33 64 38 30 32 32 62 33 36 34 38 66 61 32 63 32 31 35 37 38 32 36 61 64 66 36 31 39 35 30 63 36 35 35 30 32 31 63 36 30 34 30 33 30 61 33 35 35 35 35 39 39 37 62 37 36 32 34 66 37 37 62 65 32 36 62 62 32 35 63 62 34 33 65 32 39 32 33 65 66 34 34 63 36 65 61 61 31 33 32 63 37 61 31 34 63 34 35 30 65 61 35 34 65 32 38 35 39 32 39 63 36 38 66 33 37
                                                                                                                                                                                                                                                                                                                                  Data Ascii: e=37dfbd8ee84e00126bedce34ef478a9d9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d5d168b6a2f17071a10acf9f29f674d8b83d8022b3648fa2c2157826adf61950c655021c604030a35555997b7624f77be26bb25cb43e2923ef44c6eaa132c7a14c450ea54e285929c68f37
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:31 UTC282INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: https://www.telerik.com
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:31 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  166192.168.2.7499553.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:32 UTC1803OUTGET /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:32 UTC268INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: undefined
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:32 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  167192.168.2.7499563.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:33 UTC1803OUTGET /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:33 UTC268INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: undefined
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:33 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  168192.168.2.7499573.248.162.964437880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:34 UTC1803OUTGET /mon HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Host: obseu.ytwohlcq.telerik.com
                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                  Cookie: gauuid=ab4f4920-d85c-474f-a63e-5eb329c1b0f2; _gid=GA1.2.1225407003.1713914987; _dc_gtm_UA-111455-1=1; _dc_gtm_UA-111455-74=1; _gcl_au=1.1.571138784.1713914988; _cq_duid=1.1713914987.ttMfVwhY9k56diVz; _cq_suid=1.1713914987.pGYyDePOB7d0lADU; gaClientId=925834404.1713914987; sf-data-intell-subject=1713914989469-091773f3-900a-45d2-be08-a1d5b45dfe42; sf-ins-ssid=1713914989469-1577d358-cc84-4a51-bfa9-1082a2e5a7de; _hjSession_66905=eyJpZCI6IjlmYjI0YTZlLTcwMTUtNDQ2OS05MjYyLTk3M2EyMzEwYmY4NiIsImMiOjE3MTM5MTQ5ODk1NzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; cg_uuid=490a579c4dfc5a03b8ee2ef3e0a6a990; _fbp=fb.1.1713914994453.110516813; _hjSessionUser_66905=eyJpZCI6ImNhYTQ4N2YxLWIzOWUtNWM5ZS1hODIzLWE2ZGY2YmJjYjkxMyIsImNyZWF0ZWQiOjE3MTM5MTQ5ODk1NjksImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.925834404.1713914987; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Apr+24+2024+01%3A29%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6e4ff5a7-98c9-40d3-ace0-ea7f367e8906&interactionCount=1&landingPath=https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1; _cq_pxg=3|n15624902978738937898069555|975652292|event=conversion; _ga_9JSNBCSF54=GS1.1.1713914987.1.1.1713914999.48.0.0; prgs_utm=%7B%22referrer%22%3A%22https%3A%2F%2Fwww.telerik.com%2Fdownload%2Ffiddler%2Ffirst-run%22%7D; _gat_UA-111455-1=1; _gat_UA-111455-74=1
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:34 UTC268INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
                                                                                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: undefined
                                                                                                                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:34 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                  169192.168.2.74995852.165.165.26443
                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:38 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=dswWbrh3M+huW3O&MD=8amD1xGW HTTP/1.1
                                                                                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                  User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                                                                                                                  Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:38 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                  Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                  Expires: -1
                                                                                                                                                                                                                                                                                                                                  Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                  ETag: "Mx1RoJH/qEwpWfKllx7sbsl28AuERz5IYdcsvtTJcgM=_2160"
                                                                                                                                                                                                                                                                                                                                  MS-CorrelationId: 036e96f3-92d1-4099-94e1-7ca96e3502c3
                                                                                                                                                                                                                                                                                                                                  MS-RequestId: de30fc22-0d98-4a45-b8fe-a354921f986e
                                                                                                                                                                                                                                                                                                                                  MS-CV: cIZdDblWUkOwgJW0.0
                                                                                                                                                                                                                                                                                                                                  X-Microsoft-SLSClientCache: 2160
                                                                                                                                                                                                                                                                                                                                  Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                  Date: Tue, 23 Apr 2024 23:30:37 GMT
                                                                                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                                                                                  Content-Length: 25457
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:38 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 51 22 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 db 8e 00 00 14 00 00 00 00 00 10 00 51 22 00 00 20 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 f3 43 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 0d 92 6f db e5 21 f3 43 43 4b ed 5a 09 38 55 5b df 3f 93 99 90 29 99 e7 29 ec 73 cc 4a 66 32 cf 84 32 64 c8 31 c7 11 52 38 87 90 42 66 09 99 87 32 0f 19 0a 09 51 a6 a8 08 29 53 86 4a 52 84 50 df 46 83 ba dd 7b df fb 7e ef 7d ee 7d bf ef 9e e7 d9 67 ef 35 ee b5 fe eb 3f ff b6 96 81 a2 0a 04 fc 31 40 21 5b 3f a5 ed 1b 04 0e 85 42 a0 10 04 64 12 6c a5 de aa a1 d8 ea f3 58 01 f2 f5 67 0b 5e 9b bd e8 a0 90 1d bf 40 88 9d eb 49 b4 87 9b ab 8b 9d 2b 46 c8 c7 c5 19 92
                                                                                                                                                                                                                                                                                                                                  Data Ascii: MSCFQ"DQ" AdCenvironment.cabo!CCKZ8U[?))sJf22d1R8Bf2Q)SJRPF{~}}g5?1@![?BdlXg^@I+F
                                                                                                                                                                                                                                                                                                                                  2024-04-23 23:30:38 UTC9633INData Raw: 21 6f b3 eb a6 cc f5 31 be cf 05 e2 a9 fe fa 57 6d 19 30 b3 c2 c5 66 c9 6a df f5 e7 f0 78 bd c7 a8 9e 25 e3 f9 bc ed 6b 54 57 08 2b 51 82 44 12 fb b9 53 8c cc f4 60 12 8a 76 cc 40 40 41 9b dc 5c 17 ff 5c f9 5e 17 35 98 24 56 4b 74 ef 42 10 c8 af bf 7f c6 7f f2 37 7d 5a 3f 1c f2 99 79 4a 91 52 00 af 38 0f 17 f5 2f 79 81 65 d9 a9 b5 6b e4 c7 ce f6 ca 7a 00 6f 4b 30 44 24 22 3c cf ed 03 a5 96 8f 59 29 bc b6 fd 04 e1 70 9f 32 4a 27 fd 55 af 2f fe b6 e5 8e 33 bb 62 5f 9a db 57 40 e9 f1 ce 99 66 90 8c ff 6a 62 7f dd c5 4a 0b 91 26 e2 39 ec 19 4a 71 63 9d 7b 21 6d c3 9c a3 a2 3c fa 7f 7d 96 6a 90 78 a6 6d d2 e1 9c f9 1d fc 38 d8 94 f4 c6 a5 0a 96 86 a4 bd 9e 1a ae 04 42 83 b8 b5 80 9b 22 38 20 b5 25 e5 64 ec f7 f4 bf 7e 63 59 25 0f 7a 2e 39 57 76 a2 71 aa 06 8a
                                                                                                                                                                                                                                                                                                                                  Data Ascii: !o1Wm0fjx%kTW+QDS`v@@A\\^5$VKtB7}Z?yJR8/yekzoK0D$"<Y)p2J'U/3b_W@fjbJ&9Jqc{!m<}jxm8B"8 %d~cY%z.9Wvq


                                                                                                                                                                                                                                                                                                                                  Statistics

                                                                                                                                                                                                                                                                                                                                  CPU Usage

                                                                                                                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                                                                                                                  Memory Usage

                                                                                                                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                                                                                                                  High Level Behavior Distribution

                                                                                                                                                                                                                                                                                                                                  Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                                                                  Behavior

                                                                                                                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                                                                                                                  System Behavior

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:1
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:07
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                                  File size:4'632'256 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:78537045A5E032D4AC93514F027C7A47
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:3
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:08
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                                  File size:4'558'424 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:5D96B95B066D797C7C468D125882DDCF
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Antivirus matches:
                                                                                                                                                                                                                                                                                                                                  • Detection: 3%, ReversingLabs
                                                                                                                                                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:12
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:17
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\netsh.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Windows\system32\netsh.exe" advfirewall firewall delete rule name="FiddlerProxy"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x1770000
                                                                                                                                                                                                                                                                                                                                  File size:82'432 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:4E89A1A088BE715D6C946E55AB07C7DF
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Reputation:moderate
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:13
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:17
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff75da10000
                                                                                                                                                                                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:14
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:17
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\netsh.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Windows\system32\netsh.exe" advfirewall firewall add rule name="FiddlerProxy" program="C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe" action=allow profile=any dir=in edge=deferuser protocol=tcp description="Permit inbound connections to Fiddler"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x1770000
                                                                                                                                                                                                                                                                                                                                  File size:82'432 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:4E89A1A088BE715D6C946E55AB07C7DF
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Reputation:moderate
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:15
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:17
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff75da10000
                                                                                                                                                                                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:16
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:17
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" install "C:\Users\user\AppData\Local\Programs\Fiddler\Fiddler.exe"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff7457e0000
                                                                                                                                                                                                                                                                                                                                  File size:174'552 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:B6C3FE33B436E5006514403824F17C66
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Reputation:moderate
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:17
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:17
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff75da10000
                                                                                                                                                                                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:18
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:17
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" install "C:\Users\user\AppData\Local\Programs\Fiddler\EnableLoopback.exe"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff7457e0000
                                                                                                                                                                                                                                                                                                                                  File size:174'552 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:B6C3FE33B436E5006514403824F17C66
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Reputation:moderate
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:19
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:17
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Users\user\AppData\Local\Programs\Fiddler\SetupHelper" /a "C:\Users\user\AppData\Local\Programs\Fiddler"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x770000
                                                                                                                                                                                                                                                                                                                                  File size:19'280 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:1289DC21A51FB89E685FA4C91764C00E
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Antivirus matches:
                                                                                                                                                                                                                                                                                                                                  • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:20
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:17
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff75da10000
                                                                                                                                                                                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:21
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:17
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff75da10000
                                                                                                                                                                                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:22
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:18
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 1cc -InterruptEvent 0 -NGENProcess 1bc -Pipe 1c8 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Reputation:moderate
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:24
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:19
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://fiddler2.com/r/?Fiddler2FirstRun
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff6c4390000
                                                                                                                                                                                                                                                                                                                                  File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:27
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:20
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2660 --field-trial-handle=2244,i,18061082204408847072,8654867018620333004,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff6c4390000
                                                                                                                                                                                                                                                                                                                                  File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:28
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:21
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 26c -InterruptEvent 0 -NGENProcess 260 -Pipe 268 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Reputation:moderate
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:29
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:21
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 27c -InterruptEvent 0 -NGENProcess 270 -Pipe 278 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:30
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:21
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 28c -InterruptEvent 0 -NGENProcess 280 -Pipe 288 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:31
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:21
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 29c -InterruptEvent 0 -NGENProcess 290 -Pipe 298 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:33
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:26
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2ec -InterruptEvent 0 -NGENProcess 2dc -Pipe 264 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:34
                                                                                                                                                                                                                                                                                                                                  Start time:01:29:27
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2c8 -InterruptEvent 0 -NGENProcess 2fc -Pipe 290 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:35
                                                                                                                                                                                                                                                                                                                                  Start time:02:32:50
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2fc -InterruptEvent 0 -NGENProcess 26c -Pipe 2c8 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:36
                                                                                                                                                                                                                                                                                                                                  Start time:02:32:50
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2f4 -InterruptEvent 0 -NGENProcess 294 -Pipe 304 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:37
                                                                                                                                                                                                                                                                                                                                  Start time:02:32:51
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 314 -InterruptEvent 0 -NGENProcess 2f0 -Pipe 2ec -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:38
                                                                                                                                                                                                                                                                                                                                  Start time:02:32:55
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 314 -InterruptEvent 0 -NGENProcess 2f0 -Pipe 2f4 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:39
                                                                                                                                                                                                                                                                                                                                  Start time:02:32:56
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 308 -InterruptEvent 0 -NGENProcess 2f4 -Pipe 264 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:40
                                                                                                                                                                                                                                                                                                                                  Start time:02:32:56
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 270 -InterruptEvent 0 -NGENProcess 2dc -Pipe 304 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:41
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:05
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 270 -InterruptEvent 0 -NGENProcess 330 -Pipe 328 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:42
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:07
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 320 -Pipe 30c -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:43
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:08
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 324 -InterruptEvent 0 -NGENProcess 18c -Pipe 330 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:44
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:08
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2f4 -InterruptEvent 0 -NGENProcess 280 -Pipe 270 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:45
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:09
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2dc -InterruptEvent 0 -NGENProcess 324 -Pipe 2f4 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:46
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:09
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 260 -InterruptEvent 0 -NGENProcess 2a4 -Pipe 328 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:47
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:10
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 328 -InterruptEvent 0 -NGENProcess 338 -Pipe 18c -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:48
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:11
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2dc -InterruptEvent 0 -NGENProcess 320 -Pipe 334 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:49
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:11
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 318 -InterruptEvent 0 -NGENProcess 34c -Pipe 31c -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:50
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:12
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 324 -InterruptEvent 0 -NGENProcess 354 -Pipe 328 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:51
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:12
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 364 -InterruptEvent 0 -NGENProcess 340 -Pipe 360 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:52
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:13
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 388 -InterruptEvent 0 -NGENProcess 38c -Pipe 398 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:53
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:14
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 388 -InterruptEvent 0 -NGENProcess 370 -Pipe 36c -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:54
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:14
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b4 -InterruptEvent 0 -NGENProcess 3a8 -Pipe 3b0 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:55
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:14
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3ac -InterruptEvent 0 -NGENProcess 3cc -Pipe 394 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:56
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:14
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3a8 -InterruptEvent 0 -NGENProcess 3ac -Pipe 384 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:57
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:14
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 3dc -Pipe 3e8 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:58
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:14
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3a8 -InterruptEvent 0 -NGENProcess 3b4 -Pipe 280 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:59
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:14
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 38c -InterruptEvent 0 -NGENProcess 3a4 -Pipe 370 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:60
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:14
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b8 -InterruptEvent 0 -NGENProcess 3d0 -Pipe 3c4 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:61
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:14
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b8 -InterruptEvent 0 -NGENProcess 3e4 -Pipe 3e0 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:62
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:15
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3ac -InterruptEvent 0 -NGENProcess 3ec -Pipe 3c0 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:63
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:15
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3b8 -InterruptEvent 0 -NGENProcess 3a8 -Pipe 3c8 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:64
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:15
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d0 -InterruptEvent 0 -NGENProcess 3e4 -Pipe 3ec -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:65
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:16
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 3bc -Pipe 3b8 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:66
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:18
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 390 -InterruptEvent 0 -NGENProcess 3d8 -Pipe 3a0 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:67
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:18
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3d8 -InterruptEvent 0 -NGENProcess 3ac -Pipe 3d4 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:68
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:18
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 390 -InterruptEvent 0 -NGENProcess 3d8 -Pipe 3b8 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:69
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:18
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 3e4 -InterruptEvent 0 -NGENProcess 3d0 -Pipe 388 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:70
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:18
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 38c -InterruptEvent 0 -NGENProcess 3d8 -Pipe 3e4 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:71
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:18
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 1d4 -InterruptEvent 0 -NGENProcess 1c4 -Pipe 1d0 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:72
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:18
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2a4 -InterruptEvent 0 -NGENProcess 298 -Pipe 2a0 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:73
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:18
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2c0 -InterruptEvent 0 -NGENProcess 268 -Pipe 2bc -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:74
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:18
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2b4 -InterruptEvent 0 -NGENProcess 2a8 -Pipe 2b0 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:75
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:18
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 260 -InterruptEvent 0 -NGENProcess 264 -Pipe 26c -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:76
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:20
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 2c8 -InterruptEvent 0 -NGENProcess 300 -Pipe 334 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:77
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:20
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 270 -InterruptEvent 0 -NGENProcess 2b8 -Pipe 2c0 -Comment "NGen Worker Process"
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff714030000
                                                                                                                                                                                                                                                                                                                                  File size:151'984 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:412A3FB0C25743DA59375C1E298933EA
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                  Target ID:80
                                                                                                                                                                                                                                                                                                                                  Start time:02:33:30
                                                                                                                                                                                                                                                                                                                                  Start date:24/04/2024
                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff75da10000
                                                                                                                                                                                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                  Disassembly

                                                                                                                                                                                                                                                                                                                                  Reset < >

                                                                                                                                                                                                                                                                                                                                    Execution Graph

                                                                                                                                                                                                                                                                                                                                    Execution Coverage:13.2%
                                                                                                                                                                                                                                                                                                                                    Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                                                                                    Signature Coverage:17%
                                                                                                                                                                                                                                                                                                                                    Total number of Nodes:1376
                                                                                                                                                                                                                                                                                                                                    Total number of Limit Nodes:25
                                                                                                                                                                                                                                                                                                                                    execution_graph 3848 402643 3849 402672 3848->3849 3850 402657 3848->3850 3851 4026a2 3849->3851 3852 402677 3849->3852 3865 402d89 3850->3865 3855 402dab 21 API calls 3851->3855 3854 402dab 21 API calls 3852->3854 3856 40267e 3854->3856 3857 4026a9 lstrlenW 3855->3857 3868 406543 WideCharToMultiByte 3856->3868 3860 40265e 3857->3860 3859 402692 lstrlenA 3859->3860 3861 4026d6 3860->3861 3863 4026ec 3860->3863 3869 4060f2 SetFilePointer 3860->3869 3862 4060c3 WriteFile 3861->3862 3861->3863 3862->3863 3866 40655e 21 API calls 3865->3866 3867 402d9e 3866->3867 3867->3860 3868->3859 3870 40610e 3869->3870 3877 406126 3869->3877 3871 406094 ReadFile 3870->3871 3872 40611a 3871->3872 3873 406157 SetFilePointer 3872->3873 3874 40612f SetFilePointer 3872->3874 3872->3877 3873->3877 3874->3873 3875 40613a 3874->3875 3876 4060c3 WriteFile 3875->3876 3876->3877 3877->3861 3401 401946 3402 401948 3401->3402 3403 402dab 21 API calls 3402->3403 3404 40194d 3403->3404 3407 405c2d 3404->3407 3446 405ef8 3407->3446 3410 405c55 DeleteFileW 3412 401956 3410->3412 3411 405c6c 3413 405d97 3411->3413 3460 406521 lstrcpynW 3411->3460 3413->3412 3420 40687e 2 API calls 3413->3420 3415 405c92 3416 405ca5 3415->3416 3417 405c98 lstrcatW 3415->3417 3461 405e3c lstrlenW 3416->3461 3418 405cab 3417->3418 3421 405cbb lstrcatW 3418->3421 3424 405cc6 lstrlenW FindFirstFileW 3418->3424 3422 405db1 3420->3422 3421->3424 3422->3412 3423 405db5 3422->3423 3425 405df0 3 API calls 3423->3425 3426 405d8c 3424->3426 3427 405ce8 3424->3427 3428 405dbb 3425->3428 3426->3413 3429 405d6f FindNextFileW 3427->3429 3439 405c2d 64 API calls 3427->3439 3441 4055a6 28 API calls 3427->3441 3444 4055a6 28 API calls 3427->3444 3465 406521 lstrcpynW 3427->3465 3466 405be5 3427->3466 3474 4062e1 MoveFileExW 3427->3474 3430 405be5 5 API calls 3428->3430 3429->3427 3433 405d85 FindClose 3429->3433 3432 405dc7 3430->3432 3434 405de1 3432->3434 3435 405dcb 3432->3435 3433->3426 3437 4055a6 28 API calls 3434->3437 3435->3412 3438 4055a6 28 API calls 3435->3438 3437->3412 3440 405dd8 3438->3440 3439->3427 3442 4062e1 40 API calls 3440->3442 3441->3429 3443 405ddf 3442->3443 3443->3412 3444->3427 3478 406521 lstrcpynW 3446->3478 3448 405f09 3479 405e9b CharNextW CharNextW 3448->3479 3451 405c4d 3451->3410 3451->3411 3452 4067cf 5 API calls 3458 405f1f 3452->3458 3453 405f50 lstrlenW 3454 405f5b 3453->3454 3453->3458 3456 405df0 3 API calls 3454->3456 3455 40687e 2 API calls 3455->3458 3457 405f60 GetFileAttributesW 3456->3457 3457->3451 3458->3451 3458->3453 3458->3455 3459 405e3c 2 API calls 3458->3459 3459->3453 3460->3415 3462 405e4a 3461->3462 3463 405e50 CharPrevW 3462->3463 3464 405e5c 3462->3464 3463->3462 3463->3464 3464->3418 3465->3427 3467 405fec 2 API calls 3466->3467 3469 405bf1 3467->3469 3468 405c12 3468->3427 3469->3468 3470 405c00 RemoveDirectoryW 3469->3470 3471 405c08 DeleteFileW 3469->3471 3472 405c0e 3470->3472 3471->3472 3472->3468 3473 405c1e SetFileAttributesW 3472->3473 3473->3468 3475 406302 3474->3475 3476 4062f5 3474->3476 3475->3427 3485 406167 3476->3485 3478->3448 3481 405eca 3479->3481 3482 405eb8 3479->3482 3480 405eee 3480->3451 3480->3452 3481->3480 3484 405e1d CharNextW 3481->3484 3482->3481 3483 405ec5 CharNextW 3482->3483 3483->3480 3484->3481 3486 406197 3485->3486 3487 4061bd GetShortPathNameW 3485->3487 3512 406011 GetFileAttributesW CreateFileW 3486->3512 3489 4061d2 3487->3489 3490 4062dc 3487->3490 3489->3490 3492 4061da wsprintfA 3489->3492 3490->3475 3491 4061a1 CloseHandle GetShortPathNameW 3491->3490 3493 4061b5 3491->3493 3494 40655e 21 API calls 3492->3494 3493->3487 3493->3490 3495 406202 3494->3495 3513 406011 GetFileAttributesW CreateFileW 3495->3513 3497 40620f 3497->3490 3498 40621e GetFileSize GlobalAlloc 3497->3498 3499 406240 3498->3499 3500 4062d5 CloseHandle 3498->3500 3501 406094 ReadFile 3499->3501 3500->3490 3502 406248 3501->3502 3502->3500 3514 405f76 lstrlenA 3502->3514 3505 406273 3507 405f76 4 API calls 3505->3507 3506 40625f lstrcpyA 3508 406281 3506->3508 3507->3508 3509 4062b8 SetFilePointer 3508->3509 3510 4060c3 WriteFile 3509->3510 3511 4062ce GlobalFree 3510->3511 3511->3500 3512->3491 3513->3497 3515 405fb7 lstrlenA 3514->3515 3516 405f90 lstrcmpiA 3515->3516 3517 405fbf 3515->3517 3516->3517 3518 405fae CharNextA 3516->3518 3517->3505 3517->3506 3518->3515 3519 4015c6 3520 402dab 21 API calls 3519->3520 3521 4015cd 3520->3521 3522 405e9b 4 API calls 3521->3522 3534 4015d6 3522->3534 3523 401636 3525 401668 3523->3525 3526 40163b 3523->3526 3524 405e1d CharNextW 3524->3534 3529 401423 28 API calls 3525->3529 3544 401423 3526->3544 3535 401660 3529->3535 3533 40164f SetCurrentDirectoryW 3533->3535 3534->3523 3534->3524 3536 40161c GetFileAttributesW 3534->3536 3538 405aec 3534->3538 3541 405a75 CreateDirectoryW 3534->3541 3548 405acf CreateDirectoryW 3534->3548 3536->3534 3539 406915 5 API calls 3538->3539 3540 405af3 3539->3540 3540->3534 3542 405ac1 3541->3542 3543 405ac5 GetLastError 3541->3543 3542->3534 3543->3542 3545 4055a6 28 API calls 3544->3545 3546 401431 3545->3546 3547 406521 lstrcpynW 3546->3547 3547->3533 3549 405ae3 GetLastError 3548->3549 3550 405adf 3548->3550 3549->3550 3550->3534 3878 401c48 3879 402d89 21 API calls 3878->3879 3880 401c4f 3879->3880 3881 402d89 21 API calls 3880->3881 3882 401c5c 3881->3882 3883 402dab 21 API calls 3882->3883 3886 401c71 3882->3886 3883->3886 3884 401cd8 3889 402dab 21 API calls 3884->3889 3885 401c8c 3888 402d89 21 API calls 3885->3888 3887 402dab 21 API calls 3886->3887 3890 401c81 3886->3890 3887->3890 3891 401c91 3888->3891 3892 401cdd 3889->3892 3890->3884 3890->3885 3893 402d89 21 API calls 3891->3893 3894 402dab 21 API calls 3892->3894 3895 401c9d 3893->3895 3896 401ce6 FindWindowExW 3894->3896 3897 401cc8 SendMessageW 3895->3897 3898 401caa SendMessageTimeoutW 3895->3898 3899 401d08 3896->3899 3897->3899 3898->3899 3907 4028c9 3908 4028cf 3907->3908 3909 4028d7 FindClose 3908->3909 3910 402c2f 3908->3910 3909->3910 3911 40494a 3912 404980 3911->3912 3913 40495a 3911->3913 3921 404507 3912->3921 3918 4044a0 3913->3918 3916 404967 SetDlgItemTextW 3916->3912 3919 40655e 21 API calls 3918->3919 3920 4044ab SetDlgItemTextW 3919->3920 3920->3916 3922 4045ca 3921->3922 3923 40451f GetWindowLongW 3921->3923 3923->3922 3924 404534 3923->3924 3924->3922 3925 404561 GetSysColor 3924->3925 3926 404564 3924->3926 3925->3926 3927 404574 SetBkMode 3926->3927 3928 40456a SetTextColor 3926->3928 3929 404592 3927->3929 3930 40458c GetSysColor 3927->3930 3928->3927 3931 4045a3 3929->3931 3932 404599 SetBkColor 3929->3932 3930->3929 3931->3922 3933 4045b6 DeleteObject 3931->3933 3934 4045bd CreateBrushIndirect 3931->3934 3932->3931 3933->3934 3934->3922 3938 4016d1 3939 402dab 21 API calls 3938->3939 3940 4016d7 GetFullPathNameW 3939->3940 3941 4016f1 3940->3941 3947 401713 3940->3947 3944 40687e 2 API calls 3941->3944 3941->3947 3942 401728 GetShortPathNameW 3943 402c2f 3942->3943 3945 401703 3944->3945 3945->3947 3948 406521 lstrcpynW 3945->3948 3947->3942 3947->3943 3948->3947 3949 401e53 GetDC 3950 402d89 21 API calls 3949->3950 3951 401e65 GetDeviceCaps MulDiv ReleaseDC 3950->3951 3952 402d89 21 API calls 3951->3952 3953 401e96 3952->3953 3954 40655e 21 API calls 3953->3954 3955 401ed3 CreateFontIndirectW 3954->3955 3956 40263d 3955->3956 3957 402955 3958 402dab 21 API calls 3957->3958 3959 402961 3958->3959 3960 402977 3959->3960 3961 402dab 21 API calls 3959->3961 3962 405fec 2 API calls 3960->3962 3961->3960 3963 40297d 3962->3963 3985 406011 GetFileAttributesW CreateFileW 3963->3985 3965 40298a 3966 402a40 3965->3966 3967 4029a5 GlobalAlloc 3965->3967 3968 402a28 3965->3968 3969 402a47 DeleteFileW 3966->3969 3970 402a5a 3966->3970 3967->3968 3971 4029be 3967->3971 3972 4032b9 39 API calls 3968->3972 3969->3970 3986 4034b4 SetFilePointer 3971->3986 3974 402a35 CloseHandle 3972->3974 3974->3966 3975 4029c4 3976 40349e ReadFile 3975->3976 3977 4029cd GlobalAlloc 3976->3977 3978 402a11 3977->3978 3979 4029dd 3977->3979 3980 4060c3 WriteFile 3978->3980 3981 4032b9 39 API calls 3979->3981 3982 402a1d GlobalFree 3980->3982 3984 4029ea 3981->3984 3982->3968 3983 402a08 GlobalFree 3983->3978 3984->3983 3985->3965 3986->3975 3987 4045d6 lstrcpynW lstrlenW 3988 4014d7 3989 402d89 21 API calls 3988->3989 3990 4014dd Sleep 3989->3990 3992 402c2f 3990->3992 3993 40195b 3994 402dab 21 API calls 3993->3994 3995 401962 lstrlenW 3994->3995 3996 40263d 3995->3996 3997 4020dd 3998 4020ef 3997->3998 4008 4021a1 3997->4008 3999 402dab 21 API calls 3998->3999 4000 4020f6 3999->4000 4002 402dab 21 API calls 4000->4002 4001 401423 28 API calls 4003 4022fb 4001->4003 4004 4020ff 4002->4004 4005 402115 LoadLibraryExW 4004->4005 4006 402107 GetModuleHandleW 4004->4006 4007 402126 4005->4007 4005->4008 4006->4005 4006->4007 4017 406984 4007->4017 4008->4001 4011 402170 4013 4055a6 28 API calls 4011->4013 4012 402137 4014 401423 28 API calls 4012->4014 4015 402147 4012->4015 4013->4015 4014->4015 4015->4003 4016 402193 FreeLibrary 4015->4016 4016->4003 4022 406543 WideCharToMultiByte 4017->4022 4019 4069a1 4020 4069a8 GetProcAddress 4019->4020 4021 402131 4019->4021 4020->4021 4021->4011 4021->4012 4022->4019 4023 402b5e 4024 402bb0 4023->4024 4025 402b65 4023->4025 4026 406915 5 API calls 4024->4026 4027 402bae 4025->4027 4029 402d89 21 API calls 4025->4029 4028 402bb7 4026->4028 4030 402dab 21 API calls 4028->4030 4031 402b73 4029->4031 4032 402bc0 4030->4032 4033 402d89 21 API calls 4031->4033 4032->4027 4034 402bc4 IIDFromString 4032->4034 4036 402b7f 4033->4036 4034->4027 4035 402bd3 4034->4035 4035->4027 4041 406521 lstrcpynW 4035->4041 4040 406468 wsprintfW 4036->4040 4038 402bf0 CoTaskMemFree 4038->4027 4040->4027 4041->4038 4049 40465f 4050 404791 4049->4050 4052 404677 4049->4052 4051 4047fb 4050->4051 4053 4048c5 4050->4053 4058 4047cc GetDlgItem SendMessageW 4050->4058 4051->4053 4054 404805 GetDlgItem 4051->4054 4055 4044a0 22 API calls 4052->4055 4060 404507 8 API calls 4053->4060 4056 404886 4054->4056 4057 40481f 4054->4057 4059 4046de 4055->4059 4056->4053 4062 404898 4056->4062 4057->4056 4061 404845 SendMessageW LoadCursorW SetCursor 4057->4061 4082 4044c2 EnableWindow 4058->4082 4064 4044a0 22 API calls 4059->4064 4071 4048c0 4060->4071 4086 40490e 4061->4086 4066 4048ae 4062->4066 4067 40489e SendMessageW 4062->4067 4069 4046eb CheckDlgButton 4064->4069 4066->4071 4072 4048b4 SendMessageW 4066->4072 4067->4066 4068 4047f6 4083 4048ea 4068->4083 4080 4044c2 EnableWindow 4069->4080 4072->4071 4075 404709 GetDlgItem 4081 4044d5 SendMessageW 4075->4081 4077 40471f SendMessageW 4078 404745 SendMessageW SendMessageW lstrlenW SendMessageW SendMessageW 4077->4078 4079 40473c GetSysColor 4077->4079 4078->4071 4079->4078 4080->4075 4081->4077 4082->4068 4084 4048f8 4083->4084 4085 4048fd SendMessageW 4083->4085 4084->4085 4085->4051 4089 405b47 ShellExecuteExW 4086->4089 4088 404874 LoadCursorW SetCursor 4088->4056 4089->4088 4090 402a60 4091 402d89 21 API calls 4090->4091 4092 402a66 4091->4092 4093 402aa9 4092->4093 4094 402a8d 4092->4094 4100 402933 4092->4100 4097 402ac3 4093->4097 4098 402ab3 4093->4098 4095 402a92 4094->4095 4096 402aa3 4094->4096 4104 406521 lstrcpynW 4095->4104 4096->4100 4105 406468 wsprintfW 4096->4105 4099 40655e 21 API calls 4097->4099 4101 402d89 21 API calls 4098->4101 4099->4096 4101->4096 4104->4100 4105->4100 3285 401761 3291 402dab 3285->3291 3289 40176f 3290 406040 2 API calls 3289->3290 3290->3289 3292 402db7 3291->3292 3293 40655e 21 API calls 3292->3293 3294 402dd8 3293->3294 3295 401768 3294->3295 3296 4067cf 5 API calls 3294->3296 3297 406040 3295->3297 3296->3295 3298 40604d GetTickCount GetTempFileNameW 3297->3298 3299 406087 3298->3299 3300 406083 3298->3300 3299->3289 3300->3298 3300->3299 4106 401d62 4107 402d89 21 API calls 4106->4107 4108 401d73 SetWindowLongW 4107->4108 4109 402c2f 4108->4109 4110 4028e3 4111 4028eb 4110->4111 4112 4028ef FindNextFileW 4111->4112 4114 402901 4111->4114 4113 402948 4112->4113 4112->4114 4116 406521 lstrcpynW 4113->4116 4116->4114 4117 4056e5 4118 405706 GetDlgItem GetDlgItem GetDlgItem 4117->4118 4119 40588f 4117->4119 4162 4044d5 SendMessageW 4118->4162 4121 4058c0 4119->4121 4122 405898 GetDlgItem CreateThread CloseHandle 4119->4122 4124 4058eb 4121->4124 4126 405910 4121->4126 4127 4058d7 ShowWindow ShowWindow 4121->4127 4122->4121 4123 405776 4131 40577d GetClientRect GetSystemMetrics SendMessageW SendMessageW 4123->4131 4125 40594b 4124->4125 4128 405925 ShowWindow 4124->4128 4129 4058ff 4124->4129 4125->4126 4138 405959 SendMessageW 4125->4138 4130 404507 8 API calls 4126->4130 4164 4044d5 SendMessageW 4127->4164 4134 405945 4128->4134 4135 405937 4128->4135 4165 404479 4129->4165 4144 40591e 4130->4144 4136 4057eb 4131->4136 4137 4057cf SendMessageW SendMessageW 4131->4137 4140 404479 SendMessageW 4134->4140 4139 4055a6 28 API calls 4135->4139 4141 4057f0 SendMessageW 4136->4141 4142 4057fe 4136->4142 4137->4136 4143 405972 CreatePopupMenu 4138->4143 4138->4144 4139->4134 4140->4125 4141->4142 4146 4044a0 22 API calls 4142->4146 4145 40655e 21 API calls 4143->4145 4147 405982 AppendMenuW 4145->4147 4148 40580e 4146->4148 4149 4059b2 TrackPopupMenu 4147->4149 4150 40599f GetWindowRect 4147->4150 4151 405817 ShowWindow 4148->4151 4152 40584b GetDlgItem SendMessageW 4148->4152 4149->4144 4153 4059cd 4149->4153 4150->4149 4154 40583a 4151->4154 4155 40582d ShowWindow 4151->4155 4152->4144 4156 405872 SendMessageW SendMessageW 4152->4156 4157 4059e9 SendMessageW 4153->4157 4163 4044d5 SendMessageW 4154->4163 4155->4154 4156->4144 4157->4157 4158 405a06 OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 4157->4158 4160 405a2b SendMessageW 4158->4160 4160->4160 4161 405a54 GlobalUnlock SetClipboardData CloseClipboard 4160->4161 4161->4144 4162->4123 4163->4152 4164->4124 4166 404480 4165->4166 4167 404486 SendMessageW 4165->4167 4166->4167 4167->4126 4168 404ce7 4169 404d13 4168->4169 4170 404cf7 4168->4170 4172 404d46 4169->4172 4173 404d19 SHGetPathFromIDListW 4169->4173 4179 405b65 GetDlgItemTextW 4170->4179 4174 404d30 SendMessageW 4173->4174 4175 404d29 4173->4175 4174->4172 4177 40140b 2 API calls 4175->4177 4176 404d04 SendMessageW 4176->4169 4177->4174 4179->4176 4180 401568 4181 402ba9 4180->4181 4184 406468 wsprintfW 4181->4184 4183 402bae 4184->4183 4185 40196d 4186 402d89 21 API calls 4185->4186 4187 401974 4186->4187 4188 402d89 21 API calls 4187->4188 4189 401981 4188->4189 4190 402dab 21 API calls 4189->4190 4191 401998 lstrlenW 4190->4191 4192 4019a9 4191->4192 4193 4019ea 4192->4193 4197 406521 lstrcpynW 4192->4197 4195 4019da 4195->4193 4196 4019df lstrlenW 4195->4196 4196->4193 4197->4195 4198 40166f 4199 402dab 21 API calls 4198->4199 4200 401675 4199->4200 4201 40687e 2 API calls 4200->4201 4202 40167b 4201->4202 4203 402af0 4204 402d89 21 API calls 4203->4204 4205 402af6 4204->4205 4206 40655e 21 API calls 4205->4206 4207 402933 4205->4207 4206->4207 4208 4026f1 4209 402d89 21 API calls 4208->4209 4217 402700 4209->4217 4210 40274a ReadFile 4210->4217 4220 40283d 4210->4220 4211 406094 ReadFile 4211->4217 4212 40278a MultiByteToWideChar 4212->4217 4213 40283f 4221 406468 wsprintfW 4213->4221 4214 4060f2 5 API calls 4214->4217 4216 4027b0 SetFilePointer MultiByteToWideChar 4216->4217 4217->4210 4217->4211 4217->4212 4217->4213 4217->4214 4217->4216 4218 402850 4217->4218 4217->4220 4219 402871 SetFilePointer 4218->4219 4218->4220 4219->4220 4221->4220 3301 401774 3302 402dab 21 API calls 3301->3302 3303 40177b 3302->3303 3304 4017a3 3303->3304 3305 40179b 3303->3305 3378 406521 lstrcpynW 3304->3378 3377 406521 lstrcpynW 3305->3377 3308 4017a1 3312 4067cf 5 API calls 3308->3312 3309 4017ae 3379 405df0 lstrlenW CharPrevW 3309->3379 3328 4017c0 3312->3328 3316 4017d2 CompareFileTime 3316->3328 3317 401892 3343 4055a6 3317->3343 3318 401869 3320 4055a6 28 API calls 3318->3320 3330 40187e 3318->3330 3320->3330 3324 406521 lstrcpynW 3324->3328 3325 4018c3 SetFileTime 3326 4018d5 FindCloseChangeNotification 3325->3326 3329 4018e6 3326->3329 3326->3330 3327 40655e 21 API calls 3327->3328 3328->3316 3328->3317 3328->3318 3328->3324 3328->3327 3335 405b81 MessageBoxIndirectW 3328->3335 3339 405fec GetFileAttributesW 3328->3339 3342 406011 GetFileAttributesW CreateFileW 3328->3342 3382 40687e FindFirstFileW 3328->3382 3331 4018eb 3329->3331 3332 4018fe 3329->3332 3333 40655e 21 API calls 3331->3333 3334 40655e 21 API calls 3332->3334 3336 4018f3 lstrcatW 3333->3336 3337 401906 3334->3337 3335->3328 3336->3337 3338 405b81 MessageBoxIndirectW 3337->3338 3338->3330 3340 40600b 3339->3340 3341 405ffe SetFileAttributesW 3339->3341 3340->3328 3341->3340 3342->3328 3344 4055c1 3343->3344 3345 40189c 3343->3345 3346 4055dd lstrlenW 3344->3346 3347 40655e 21 API calls 3344->3347 3354 4032b9 3345->3354 3348 405606 3346->3348 3349 4055eb lstrlenW 3346->3349 3347->3346 3351 405619 3348->3351 3352 40560c SetWindowTextW 3348->3352 3349->3345 3350 4055fd lstrcatW 3349->3350 3350->3348 3351->3345 3353 40561f SendMessageW SendMessageW SendMessageW 3351->3353 3352->3351 3353->3345 3356 4032d2 3354->3356 3355 4032fd 3385 40349e 3355->3385 3356->3355 3398 4034b4 SetFilePointer 3356->3398 3360 40331a GetTickCount 3368 40332d 3360->3368 3361 40343e 3362 403442 3361->3362 3367 40345a 3361->3367 3364 40349e ReadFile 3362->3364 3363 4018af 3363->3325 3363->3326 3364->3363 3365 40349e ReadFile 3365->3367 3366 40349e ReadFile 3366->3368 3367->3363 3367->3365 3396 4060c3 WriteFile 3367->3396 3368->3363 3368->3366 3371 403393 GetTickCount 3368->3371 3388 406a90 3368->3388 3372 4033ac 3371->3372 3372->3363 3372->3368 3373 4033bc MulDiv wsprintfW 3372->3373 3374 403428 3372->3374 3376 4060c3 WriteFile 3372->3376 3375 4055a6 28 API calls 3373->3375 3374->3363 3375->3372 3376->3372 3377->3308 3378->3309 3380 4017b4 lstrcatW 3379->3380 3381 405e0c lstrcatW 3379->3381 3380->3308 3381->3380 3383 406894 FindClose 3382->3383 3384 40689f 3382->3384 3383->3384 3384->3328 3399 406094 ReadFile 3385->3399 3389 406ab5 3388->3389 3390 406abd 3388->3390 3389->3368 3390->3389 3391 406b44 GlobalFree 3390->3391 3392 406b4d GlobalAlloc 3390->3392 3393 406bc4 GlobalAlloc 3390->3393 3394 406bbb GlobalFree 3390->3394 3391->3392 3392->3389 3395 406b61 3392->3395 3393->3389 3393->3390 3394->3393 3395->3390 3397 4060e1 3396->3397 3397->3367 3398->3355 3400 403308 3399->3400 3400->3360 3400->3361 3400->3363 4236 4014f5 SetForegroundWindow 4237 402c2f 4236->4237 4238 401a77 4239 402d89 21 API calls 4238->4239 4240 401a80 4239->4240 4241 402d89 21 API calls 4240->4241 4242 401a25 4241->4242 4243 401578 4244 401591 4243->4244 4245 401588 ShowWindow 4243->4245 4246 402c2f 4244->4246 4247 40159f ShowWindow 4244->4247 4245->4244 4247->4246 4248 4023f9 4249 402dab 21 API calls 4248->4249 4250 402408 4249->4250 4251 402dab 21 API calls 4250->4251 4252 402411 4251->4252 4253 402dab 21 API calls 4252->4253 4254 40241b GetPrivateProfileStringW 4253->4254 4255 401ffb 4256 402dab 21 API calls 4255->4256 4257 402002 4256->4257 4258 40687e 2 API calls 4257->4258 4259 402008 4258->4259 4261 402019 4259->4261 4262 406468 wsprintfW 4259->4262 4262->4261 3583 4034fc SetErrorMode GetVersionExW 3584 403550 GetVersionExW 3583->3584 3585 403588 3583->3585 3584->3585 3586 4035df 3585->3586 3587 406915 5 API calls 3585->3587 3588 4068a5 3 API calls 3586->3588 3587->3586 3589 4035f5 lstrlenA 3588->3589 3589->3586 3590 403605 3589->3590 3591 406915 5 API calls 3590->3591 3592 40360c 3591->3592 3593 406915 5 API calls 3592->3593 3594 403613 3593->3594 3595 406915 5 API calls 3594->3595 3596 40361f #17 OleInitialize SHGetFileInfoW 3595->3596 3671 406521 lstrcpynW 3596->3671 3599 40366e GetCommandLineW 3672 406521 lstrcpynW 3599->3672 3601 403680 3602 405e1d CharNextW 3601->3602 3603 4036a6 CharNextW 3602->3603 3609 4036b8 3603->3609 3604 4037ba 3605 4037ce GetTempPathW 3604->3605 3673 4034cb 3605->3673 3607 4037e6 3610 403840 DeleteFileW 3607->3610 3611 4037ea GetWindowsDirectoryW lstrcatW 3607->3611 3608 405e1d CharNextW 3608->3609 3609->3604 3609->3608 3617 4037bc 3609->3617 3683 403082 GetTickCount GetModuleFileNameW 3610->3683 3612 4034cb 12 API calls 3611->3612 3614 403806 3612->3614 3614->3610 3616 40380a GetTempPathW lstrcatW SetEnvironmentVariableW SetEnvironmentVariableW 3614->3616 3615 403854 3623 405e1d CharNextW 3615->3623 3654 4038fb 3615->3654 3662 40390b 3615->3662 3618 4034cb 12 API calls 3616->3618 3768 406521 lstrcpynW 3617->3768 3621 403838 3618->3621 3621->3610 3621->3662 3628 403873 3623->3628 3625 403a59 3627 405b81 MessageBoxIndirectW 3625->3627 3626 403a7d 3629 403a85 GetCurrentProcess OpenProcessToken 3626->3629 3632 403b01 ExitProcess 3626->3632 3634 403a67 ExitProcess 3627->3634 3630 4038d1 3628->3630 3631 403914 3628->3631 3635 403ad1 3629->3635 3636 403a9d LookupPrivilegeValueW AdjustTokenPrivileges 3629->3636 3638 405ef8 18 API calls 3630->3638 3639 405aec 5 API calls 3631->3639 3637 406915 5 API calls 3635->3637 3636->3635 3640 403ad8 3637->3640 3641 4038dd 3638->3641 3642 403919 lstrlenW 3639->3642 3644 403aed ExitWindowsEx 3640->3644 3646 403afa 3640->3646 3641->3662 3769 406521 lstrcpynW 3641->3769 3771 406521 lstrcpynW 3642->3771 3644->3632 3644->3646 3645 403933 3648 40394b 3645->3648 3772 406521 lstrcpynW 3645->3772 3780 40140b 3646->3780 3653 403971 wsprintfW 3648->3653 3668 40399d 3648->3668 3650 4038f0 3770 406521 lstrcpynW 3650->3770 3655 40655e 21 API calls 3653->3655 3711 403bf3 3654->3711 3655->3648 3656 405a75 2 API calls 3656->3668 3657 405acf 2 API calls 3657->3668 3658 4039e7 SetCurrentDirectoryW 3661 4062e1 40 API calls 3658->3661 3659 4039ad GetFileAttributesW 3660 4039b9 DeleteFileW 3659->3660 3659->3668 3660->3668 3663 4039f6 CopyFileW 3661->3663 3773 403b19 3662->3773 3663->3662 3663->3668 3664 405c2d 71 API calls 3664->3668 3665 4062e1 40 API calls 3665->3668 3666 40655e 21 API calls 3666->3668 3667 405b04 2 API calls 3667->3668 3668->3648 3668->3653 3668->3656 3668->3657 3668->3658 3668->3659 3668->3662 3668->3664 3668->3665 3668->3666 3668->3667 3669 403a6f CloseHandle 3668->3669 3670 40687e 2 API calls 3668->3670 3669->3662 3670->3668 3671->3599 3672->3601 3674 4067cf 5 API calls 3673->3674 3675 4034d7 3674->3675 3676 4034e1 3675->3676 3677 405df0 3 API calls 3675->3677 3676->3607 3678 4034e9 3677->3678 3679 405acf 2 API calls 3678->3679 3680 4034ef 3679->3680 3681 406040 2 API calls 3680->3681 3682 4034fa 3681->3682 3682->3607 3783 406011 GetFileAttributesW CreateFileW 3683->3783 3685 4030c2 3703 4030d2 3685->3703 3784 406521 lstrcpynW 3685->3784 3687 4030e8 3688 405e3c 2 API calls 3687->3688 3689 4030ee 3688->3689 3785 406521 lstrcpynW 3689->3785 3691 4030f9 GetFileSize 3692 4031f3 3691->3692 3705 403110 3691->3705 3786 40301e 3692->3786 3694 4031fc 3696 40322c GlobalAlloc 3694->3696 3694->3703 3798 4034b4 SetFilePointer 3694->3798 3695 40349e ReadFile 3695->3705 3797 4034b4 SetFilePointer 3696->3797 3698 40325f 3700 40301e 6 API calls 3698->3700 3700->3703 3701 403215 3704 40349e ReadFile 3701->3704 3702 403247 3706 4032b9 39 API calls 3702->3706 3703->3615 3707 403220 3704->3707 3705->3692 3705->3695 3705->3698 3705->3703 3708 40301e 6 API calls 3705->3708 3709 403253 3706->3709 3707->3696 3707->3703 3708->3705 3709->3703 3709->3709 3710 403290 SetFilePointer 3709->3710 3710->3703 3712 406915 5 API calls 3711->3712 3713 403c07 3712->3713 3714 403c0d 3713->3714 3715 403c1f 3713->3715 3807 406468 wsprintfW 3714->3807 3716 4063ef 3 API calls 3715->3716 3717 403c4f 3716->3717 3719 403c6e lstrcatW 3717->3719 3721 4063ef 3 API calls 3717->3721 3720 403c1d 3719->3720 3799 403ec9 3720->3799 3721->3719 3724 405ef8 18 API calls 3725 403ca0 3724->3725 3726 403d34 3725->3726 3728 4063ef 3 API calls 3725->3728 3727 405ef8 18 API calls 3726->3727 3729 403d3a 3727->3729 3730 403cd2 3728->3730 3731 403d4a LoadImageW 3729->3731 3732 40655e 21 API calls 3729->3732 3730->3726 3735 403cf3 lstrlenW 3730->3735 3738 405e1d CharNextW 3730->3738 3733 403df0 3731->3733 3734 403d71 RegisterClassW 3731->3734 3732->3731 3737 40140b 2 API calls 3733->3737 3736 403da7 SystemParametersInfoW CreateWindowExW 3734->3736 3766 403dfa 3734->3766 3739 403d01 lstrcmpiW 3735->3739 3740 403d27 3735->3740 3736->3733 3741 403df6 3737->3741 3742 403cf0 3738->3742 3739->3740 3743 403d11 GetFileAttributesW 3739->3743 3744 405df0 3 API calls 3740->3744 3746 403ec9 22 API calls 3741->3746 3741->3766 3742->3735 3745 403d1d 3743->3745 3747 403d2d 3744->3747 3745->3740 3749 405e3c 2 API calls 3745->3749 3750 403e07 3746->3750 3808 406521 lstrcpynW 3747->3808 3749->3740 3751 403e13 ShowWindow 3750->3751 3752 403e96 3750->3752 3753 4068a5 3 API calls 3751->3753 3809 405679 OleInitialize 3752->3809 3755 403e2b 3753->3755 3757 403e39 GetClassInfoW 3755->3757 3760 4068a5 3 API calls 3755->3760 3756 403e9c 3758 403ea0 3756->3758 3759 403eb8 3756->3759 3762 403e63 DialogBoxParamW 3757->3762 3763 403e4d GetClassInfoW RegisterClassW 3757->3763 3764 40140b 2 API calls 3758->3764 3758->3766 3761 40140b 2 API calls 3759->3761 3760->3757 3761->3766 3765 40140b 2 API calls 3762->3765 3763->3762 3764->3766 3767 403e8b 3765->3767 3766->3662 3767->3766 3768->3605 3769->3650 3770->3654 3771->3645 3772->3648 3774 403b31 3773->3774 3775 403b23 CloseHandle 3773->3775 3827 403b5e 3774->3827 3775->3774 3778 405c2d 71 API calls 3779 403a4c OleUninitialize 3778->3779 3779->3625 3779->3626 3781 401389 2 API calls 3780->3781 3782 401420 3781->3782 3782->3632 3783->3685 3784->3687 3785->3691 3787 403027 3786->3787 3788 40303f 3786->3788 3789 403030 DestroyWindow 3787->3789 3790 403037 3787->3790 3791 403047 3788->3791 3792 40304f GetTickCount 3788->3792 3789->3790 3790->3694 3793 406951 2 API calls 3791->3793 3794 403080 3792->3794 3795 40305d CreateDialogParamW ShowWindow 3792->3795 3796 40304d 3793->3796 3794->3694 3795->3794 3796->3694 3797->3702 3798->3701 3800 403edd 3799->3800 3816 406468 wsprintfW 3800->3816 3802 403f4e 3817 403f82 3802->3817 3804 403c7e 3804->3724 3805 403f53 3805->3804 3806 40655e 21 API calls 3805->3806 3806->3805 3807->3720 3808->3726 3820 4044ec 3809->3820 3811 40569c 3815 4056c3 3811->3815 3823 401389 3811->3823 3812 4044ec SendMessageW 3813 4056d5 OleUninitialize 3812->3813 3813->3756 3815->3812 3816->3802 3818 40655e 21 API calls 3817->3818 3819 403f90 SetWindowTextW 3818->3819 3819->3805 3821 404504 3820->3821 3822 4044f5 SendMessageW 3820->3822 3821->3811 3822->3821 3825 401390 3823->3825 3824 4013fe 3824->3811 3825->3824 3826 4013cb MulDiv SendMessageW 3825->3826 3826->3825 3828 403b6c 3827->3828 3829 403b36 3828->3829 3830 403b71 FreeLibrary GlobalFree 3828->3830 3829->3778 3830->3829 3830->3830 4263 401b7c 4264 402dab 21 API calls 4263->4264 4265 401b83 4264->4265 4266 402d89 21 API calls 4265->4266 4267 401b8c wsprintfW 4266->4267 4268 402c2f 4267->4268 4276 401000 4277 401037 BeginPaint GetClientRect 4276->4277 4278 40100c DefWindowProcW 4276->4278 4280 4010f3 4277->4280 4283 401179 4278->4283 4281 401073 CreateBrushIndirect FillRect DeleteObject 4280->4281 4282 4010fc 4280->4282 4281->4280 4284 401102 CreateFontIndirectW 4282->4284 4285 401167 EndPaint 4282->4285 4284->4285 4286 401112 6 API calls 4284->4286 4285->4283 4286->4285 4287 401680 4288 402dab 21 API calls 4287->4288 4289 401687 4288->4289 4290 402dab 21 API calls 4289->4290 4291 401690 4290->4291 4292 402dab 21 API calls 4291->4292 4293 401699 MoveFileW 4292->4293 4294 4016ac 4293->4294 4300 4016a5 4293->4300 4295 4022fb 4294->4295 4297 40687e 2 API calls 4294->4297 4296 401423 28 API calls 4296->4295 4298 4016bb 4297->4298 4298->4295 4299 4062e1 40 API calls 4298->4299 4299->4300 4300->4296 4301 401503 4302 401520 4301->4302 4303 401508 4301->4303 4304 402d89 21 API calls 4303->4304 4304->4302 4305 401a04 4306 402dab 21 API calls 4305->4306 4307 401a0b 4306->4307 4308 402dab 21 API calls 4307->4308 4309 401a14 4308->4309 4310 401a1b lstrcmpiW 4309->4310 4311 401a2d lstrcmpW 4309->4311 4312 401a21 4310->4312 4311->4312 4313 402304 4314 402dab 21 API calls 4313->4314 4315 40230a 4314->4315 4316 402dab 21 API calls 4315->4316 4317 402313 4316->4317 4318 402dab 21 API calls 4317->4318 4319 40231c 4318->4319 4320 40687e 2 API calls 4319->4320 4321 402325 4320->4321 4322 402336 lstrlenW lstrlenW 4321->4322 4323 402329 4321->4323 4324 4055a6 28 API calls 4322->4324 4325 4055a6 28 API calls 4323->4325 4327 402331 4323->4327 4326 402374 SHFileOperationW 4324->4326 4325->4327 4326->4323 4326->4327 4328 401d86 4329 401d99 GetDlgItem 4328->4329 4330 401d8c 4328->4330 4332 401d93 4329->4332 4331 402d89 21 API calls 4330->4331 4331->4332 4333 402dab 21 API calls 4332->4333 4335 401dda GetClientRect LoadImageW SendMessageW 4332->4335 4333->4335 4336 401e38 4335->4336 4338 401e44 4335->4338 4337 401e3d DeleteObject 4336->4337 4336->4338 4337->4338 4339 402388 4340 4023a2 4339->4340 4341 40238f 4339->4341 4342 40655e 21 API calls 4341->4342 4343 40239c 4342->4343 4344 405b81 MessageBoxIndirectW 4343->4344 4344->4340 3551 401389 3553 401390 3551->3553 3552 4013fe 3553->3552 3554 4013cb MulDiv SendMessageW 3553->3554 3554->3553 4345 402c0a SendMessageW 4346 402c24 InvalidateRect 4345->4346 4347 402c2f 4345->4347 4346->4347 4355 404f0d GetDlgItem GetDlgItem 4356 404f5f 7 API calls 4355->4356 4368 405184 4355->4368 4357 405006 DeleteObject 4356->4357 4358 404ff9 SendMessageW 4356->4358 4359 40500f 4357->4359 4358->4357 4360 405046 4359->4360 4364 40655e 21 API calls 4359->4364 4361 4044a0 22 API calls 4360->4361 4365 40505a 4361->4365 4362 405312 4366 405324 4362->4366 4367 40531c SendMessageW 4362->4367 4363 405266 4363->4362 4371 4052bf SendMessageW 4363->4371 4398 405177 4363->4398 4369 405028 SendMessageW SendMessageW 4364->4369 4370 4044a0 22 API calls 4365->4370 4378 405336 ImageList_Destroy 4366->4378 4379 40533d 4366->4379 4387 40534d 4366->4387 4367->4366 4368->4363 4385 4051f3 4368->4385 4409 404e5b SendMessageW 4368->4409 4369->4359 4386 40506b 4370->4386 4376 4052d4 SendMessageW 4371->4376 4371->4398 4372 405258 SendMessageW 4372->4363 4373 404507 8 API calls 4377 405513 4373->4377 4375 4054c7 4383 4054d9 ShowWindow GetDlgItem ShowWindow 4375->4383 4375->4398 4382 4052e7 4376->4382 4378->4379 4380 405346 GlobalFree 4379->4380 4379->4387 4380->4387 4381 405146 GetWindowLongW SetWindowLongW 4384 40515f 4381->4384 4393 4052f8 SendMessageW 4382->4393 4383->4398 4388 405164 ShowWindow 4384->4388 4389 40517c 4384->4389 4385->4363 4385->4372 4386->4381 4392 4050be SendMessageW 4386->4392 4394 405141 4386->4394 4395 405110 SendMessageW 4386->4395 4396 4050fc SendMessageW 4386->4396 4387->4375 4402 405388 4387->4402 4414 404edb 4387->4414 4407 4044d5 SendMessageW 4388->4407 4408 4044d5 SendMessageW 4389->4408 4392->4386 4393->4362 4394->4381 4394->4384 4395->4386 4396->4386 4398->4373 4399 405492 4400 40549d InvalidateRect 4399->4400 4403 4054a9 4399->4403 4400->4403 4401 4053b6 SendMessageW 4406 4053cc 4401->4406 4402->4401 4402->4406 4403->4375 4423 404e16 4403->4423 4405 405440 SendMessageW SendMessageW 4405->4406 4406->4399 4406->4405 4407->4398 4408->4368 4410 404eba SendMessageW 4409->4410 4411 404e7e GetMessagePos ScreenToClient SendMessageW 4409->4411 4412 404eb2 4410->4412 4411->4412 4413 404eb7 4411->4413 4412->4385 4413->4410 4426 406521 lstrcpynW 4414->4426 4416 404eee 4427 406468 wsprintfW 4416->4427 4418 404ef8 4419 40140b 2 API calls 4418->4419 4420 404f01 4419->4420 4428 406521 lstrcpynW 4420->4428 4422 404f08 4422->4402 4429 404d4d 4423->4429 4425 404e2b 4425->4375 4426->4416 4427->4418 4428->4422 4430 404d66 4429->4430 4431 40655e 21 API calls 4430->4431 4432 404dca 4431->4432 4433 40655e 21 API calls 4432->4433 4434 404dd5 4433->4434 4435 40655e 21 API calls 4434->4435 4436 404deb lstrlenW wsprintfW SetDlgItemTextW 4435->4436 4436->4425 4437 40248f 4438 402dab 21 API calls 4437->4438 4439 4024a1 4438->4439 4440 402dab 21 API calls 4439->4440 4441 4024ab 4440->4441 4454 402e3b 4441->4454 4444 4024e3 4448 402d89 21 API calls 4444->4448 4450 4024ef 4444->4450 4445 402dab 21 API calls 4447 4024d9 lstrlenW 4445->4447 4446 402933 4447->4444 4448->4450 4449 40250e RegSetValueExW 4451 402524 RegCloseKey 4449->4451 4450->4449 4452 4032b9 39 API calls 4450->4452 4451->4446 4452->4449 4455 402e56 4454->4455 4458 4063bc 4455->4458 4459 4063cb 4458->4459 4460 4024bb 4459->4460 4461 4063d6 RegCreateKeyExW 4459->4461 4460->4444 4460->4445 4460->4446 4461->4460 4462 404610 lstrlenW 4463 404631 WideCharToMultiByte 4462->4463 4464 40462f 4462->4464 4464->4463 4465 402910 4466 402dab 21 API calls 4465->4466 4467 402917 FindFirstFileW 4466->4467 4468 40293f 4467->4468 4471 40292a 4467->4471 4473 406468 wsprintfW 4468->4473 4470 402948 4474 406521 lstrcpynW 4470->4474 4473->4470 4474->4471 4475 401911 4476 401948 4475->4476 4477 402dab 21 API calls 4476->4477 4478 40194d 4477->4478 4479 405c2d 71 API calls 4478->4479 4480 401956 4479->4480 4481 404991 4482 4049bd 4481->4482 4483 4049ce 4481->4483 4542 405b65 GetDlgItemTextW 4482->4542 4484 4049da GetDlgItem 4483->4484 4492 404a39 4483->4492 4486 4049ee 4484->4486 4490 404a02 SetWindowTextW 4486->4490 4495 405e9b 4 API calls 4486->4495 4487 404b1d 4491 404ccc 4487->4491 4544 405b65 GetDlgItemTextW 4487->4544 4488 4049c8 4489 4067cf 5 API calls 4488->4489 4489->4483 4496 4044a0 22 API calls 4490->4496 4494 404507 8 API calls 4491->4494 4492->4487 4492->4491 4497 40655e 21 API calls 4492->4497 4499 404ce0 4494->4499 4500 4049f8 4495->4500 4501 404a1e 4496->4501 4502 404aad SHBrowseForFolderW 4497->4502 4498 404b4d 4503 405ef8 18 API calls 4498->4503 4500->4490 4507 405df0 3 API calls 4500->4507 4504 4044a0 22 API calls 4501->4504 4502->4487 4505 404ac5 CoTaskMemFree 4502->4505 4506 404b53 4503->4506 4508 404a2c 4504->4508 4509 405df0 3 API calls 4505->4509 4545 406521 lstrcpynW 4506->4545 4507->4490 4543 4044d5 SendMessageW 4508->4543 4511 404ad2 4509->4511 4515 404b09 SetDlgItemTextW 4511->4515 4518 40655e 21 API calls 4511->4518 4513 404b6a 4517 406915 5 API calls 4513->4517 4514 404a32 4516 406915 5 API calls 4514->4516 4515->4487 4516->4492 4524 404b71 4517->4524 4519 404af1 lstrcmpiW 4518->4519 4519->4515 4521 404b02 lstrcatW 4519->4521 4520 404bb2 4546 406521 lstrcpynW 4520->4546 4521->4515 4523 404bb9 4525 405e9b 4 API calls 4523->4525 4524->4520 4529 405e3c 2 API calls 4524->4529 4530 404c0a 4524->4530 4526 404bbf GetDiskFreeSpaceW 4525->4526 4528 404be3 MulDiv 4526->4528 4526->4530 4528->4530 4529->4524 4531 404c7b 4530->4531 4533 404e16 24 API calls 4530->4533 4532 404c9e 4531->4532 4535 40140b 2 API calls 4531->4535 4547 4044c2 EnableWindow 4532->4547 4534 404c68 4533->4534 4536 404c7d SetDlgItemTextW 4534->4536 4537 404c6d 4534->4537 4535->4532 4536->4531 4539 404d4d 24 API calls 4537->4539 4539->4531 4540 404cba 4540->4491 4541 4048ea SendMessageW 4540->4541 4541->4491 4542->4488 4543->4514 4544->4498 4545->4513 4546->4523 4547->4540 4548 401491 4549 4055a6 28 API calls 4548->4549 4550 401498 4549->4550 4551 401914 4552 402dab 21 API calls 4551->4552 4553 40191b 4552->4553 4554 405b81 MessageBoxIndirectW 4553->4554 4555 401924 4554->4555 4556 402896 4557 40289d 4556->4557 4559 402bae 4556->4559 4558 402d89 21 API calls 4557->4558 4560 4028a4 4558->4560 4561 4028b3 SetFilePointer 4560->4561 4561->4559 4562 4028c3 4561->4562 4564 406468 wsprintfW 4562->4564 4564->4559 4565 401f17 4566 402dab 21 API calls 4565->4566 4567 401f1d 4566->4567 4568 402dab 21 API calls 4567->4568 4569 401f26 4568->4569 4570 402dab 21 API calls 4569->4570 4571 401f2f 4570->4571 4572 402dab 21 API calls 4571->4572 4573 401f38 4572->4573 4574 401423 28 API calls 4573->4574 4575 401f3f 4574->4575 4582 405b47 ShellExecuteExW 4575->4582 4577 401f87 4578 402933 4577->4578 4579 4069c0 5 API calls 4577->4579 4580 401fa4 CloseHandle 4579->4580 4580->4578 4582->4577 4583 402f98 4584 402faa SetTimer 4583->4584 4586 402fc3 4583->4586 4584->4586 4585 403018 4586->4585 4587 402fdd MulDiv wsprintfW SetWindowTextW SetDlgItemTextW 4586->4587 4587->4585 4588 40551a 4589 40552a 4588->4589 4590 40553e 4588->4590 4591 405530 4589->4591 4592 405587 4589->4592 4593 405546 IsWindowVisible 4590->4593 4599 40555d 4590->4599 4595 4044ec SendMessageW 4591->4595 4594 40558c CallWindowProcW 4592->4594 4593->4592 4596 405553 4593->4596 4597 40553a 4594->4597 4595->4597 4598 404e5b 5 API calls 4596->4598 4598->4599 4599->4594 4600 404edb 4 API calls 4599->4600 4600->4592 4601 401d1c 4602 402d89 21 API calls 4601->4602 4603 401d22 IsWindow 4602->4603 4604 401a25 4603->4604 4605 40149e 4606 4014ac PostQuitMessage 4605->4606 4607 4023a2 4605->4607 4606->4607 3207 401ba0 3208 401bf1 3207->3208 3209 401bad 3207->3209 3211 401bf6 3208->3211 3212 401c1b GlobalAlloc 3208->3212 3210 401c36 3209->3210 3215 401bc4 3209->3215 3213 40655e 21 API calls 3210->3213 3221 4023a2 3210->3221 3211->3221 3245 406521 lstrcpynW 3211->3245 3226 40655e 3212->3226 3216 40239c 3213->3216 3243 406521 lstrcpynW 3215->3243 3246 405b81 3216->3246 3219 401c08 GlobalFree 3219->3221 3220 401bd3 3244 406521 lstrcpynW 3220->3244 3224 401be2 3250 406521 lstrcpynW 3224->3250 3241 406569 3226->3241 3227 4067b0 3228 4067c9 3227->3228 3273 406521 lstrcpynW 3227->3273 3228->3210 3230 406781 lstrlenW 3230->3241 3234 40667a GetSystemDirectoryW 3234->3241 3235 40655e 15 API calls 3235->3230 3236 406690 GetWindowsDirectoryW 3236->3241 3237 40655e 15 API calls 3237->3241 3238 406722 lstrcatW 3238->3241 3241->3227 3241->3230 3241->3234 3241->3235 3241->3236 3241->3237 3241->3238 3242 4066f2 SHGetPathFromIDListW CoTaskMemFree 3241->3242 3251 4063ef 3241->3251 3256 406915 GetModuleHandleA 3241->3256 3262 4067cf 3241->3262 3271 406468 wsprintfW 3241->3271 3272 406521 lstrcpynW 3241->3272 3242->3241 3243->3220 3244->3224 3245->3219 3247 405b96 3246->3247 3248 405be2 3247->3248 3249 405baa MessageBoxIndirectW 3247->3249 3248->3221 3249->3248 3250->3221 3274 40638e 3251->3274 3254 406423 RegQueryValueExW RegCloseKey 3255 406453 3254->3255 3255->3241 3257 406931 3256->3257 3258 40693b GetProcAddress 3256->3258 3278 4068a5 GetSystemDirectoryW 3257->3278 3260 40694a 3258->3260 3260->3241 3261 406937 3261->3258 3261->3260 3269 4067dc 3262->3269 3263 406857 CharPrevW 3267 406852 3263->3267 3264 406845 CharNextW 3264->3267 3264->3269 3265 406878 3265->3241 3267->3263 3267->3265 3268 406831 CharNextW 3268->3269 3269->3264 3269->3267 3269->3268 3270 406840 CharNextW 3269->3270 3281 405e1d 3269->3281 3270->3264 3271->3241 3272->3241 3273->3228 3275 40639d 3274->3275 3276 4063a1 3275->3276 3277 4063a6 RegOpenKeyExW 3275->3277 3276->3254 3276->3255 3277->3276 3279 4068c7 wsprintfW LoadLibraryExW 3278->3279 3279->3261 3282 405e23 3281->3282 3283 405e39 3282->3283 3284 405e2a CharNextW 3282->3284 3283->3269 3284->3282 4608 402621 4609 402dab 21 API calls 4608->4609 4610 402628 4609->4610 4613 406011 GetFileAttributesW CreateFileW 4610->4613 4612 402634 4613->4612 4614 403fa1 4615 403fb9 4614->4615 4616 40411a 4614->4616 4615->4616 4617 403fc5 4615->4617 4618 40412b GetDlgItem GetDlgItem 4616->4618 4623 40416b 4616->4623 4620 403fd0 SetWindowPos 4617->4620 4621 403fe3 4617->4621 4622 4044a0 22 API calls 4618->4622 4619 4041c5 4624 4044ec SendMessageW 4619->4624 4677 404115 4619->4677 4620->4621 4625 403fec ShowWindow 4621->4625 4626 40402e 4621->4626 4627 404155 SetClassLongW 4622->4627 4623->4619 4628 401389 2 API calls 4623->4628 4657 4041d7 4624->4657 4629 40400c GetWindowLongW 4625->4629 4651 4040d8 4625->4651 4630 404036 DestroyWindow 4626->4630 4631 40404d 4626->4631 4632 40140b 2 API calls 4627->4632 4635 40419d 4628->4635 4637 404025 ShowWindow 4629->4637 4629->4651 4641 404429 4630->4641 4633 404052 SetWindowLongW 4631->4633 4634 404063 4631->4634 4632->4623 4633->4677 4638 40406f GetDlgItem 4634->4638 4634->4651 4635->4619 4639 4041a1 SendMessageW 4635->4639 4636 404507 8 API calls 4636->4677 4637->4626 4643 404080 SendMessageW IsWindowEnabled 4638->4643 4644 40409d 4638->4644 4639->4677 4640 40140b 2 API calls 4640->4657 4645 40445a ShowWindow 4641->4645 4641->4677 4642 40442b DestroyWindow EndDialog 4642->4641 4643->4644 4643->4677 4647 4040aa 4644->4647 4649 4040f1 SendMessageW 4644->4649 4650 4040bd 4644->4650 4658 4040a2 4644->4658 4645->4677 4646 40655e 21 API calls 4646->4657 4647->4649 4647->4658 4648 404479 SendMessageW 4648->4651 4649->4651 4652 4040c5 4650->4652 4653 4040da 4650->4653 4651->4636 4656 40140b 2 API calls 4652->4656 4655 40140b 2 API calls 4653->4655 4654 4044a0 22 API calls 4654->4657 4655->4658 4656->4658 4657->4640 4657->4642 4657->4646 4657->4654 4659 4044a0 22 API calls 4657->4659 4675 40436b DestroyWindow 4657->4675 4657->4677 4658->4648 4658->4651 4660 404252 GetDlgItem 4659->4660 4661 404267 4660->4661 4662 40426f ShowWindow EnableWindow 4660->4662 4661->4662 4685 4044c2 EnableWindow 4662->4685 4664 404299 EnableWindow 4669 4042ad 4664->4669 4665 4042b2 GetSystemMenu EnableMenuItem SendMessageW 4666 4042e2 SendMessageW 4665->4666 4665->4669 4666->4669 4668 403f82 22 API calls 4668->4669 4669->4665 4669->4668 4686 4044d5 SendMessageW 4669->4686 4687 406521 lstrcpynW 4669->4687 4671 404311 lstrlenW 4672 40655e 21 API calls 4671->4672 4673 404327 SetWindowTextW 4672->4673 4674 401389 2 API calls 4673->4674 4674->4657 4675->4641 4676 404385 CreateDialogParamW 4675->4676 4676->4641 4678 4043b8 4676->4678 4679 4044a0 22 API calls 4678->4679 4680 4043c3 GetDlgItem GetWindowRect ScreenToClient SetWindowPos 4679->4680 4681 401389 2 API calls 4680->4681 4682 404409 4681->4682 4682->4677 4683 404411 ShowWindow 4682->4683 4684 4044ec SendMessageW 4683->4684 4684->4641 4685->4664 4686->4669 4687->4671 4695 4025a3 4696 402deb 21 API calls 4695->4696 4697 4025ad 4696->4697 4698 402d89 21 API calls 4697->4698 4699 4025b6 4698->4699 4700 402933 4699->4700 4701 4025d2 RegEnumKeyW 4699->4701 4702 4025de RegEnumValueW 4699->4702 4703 4025f3 RegCloseKey 4701->4703 4702->4703 4703->4700 4705 4015a8 4706 402dab 21 API calls 4705->4706 4707 4015af SetFileAttributesW 4706->4707 4708 4015c1 4707->4708 3555 401fa9 3556 402dab 21 API calls 3555->3556 3557 401faf 3556->3557 3558 4055a6 28 API calls 3557->3558 3559 401fb9 3558->3559 3570 405b04 CreateProcessW 3559->3570 3562 401fe2 CloseHandle 3565 402933 3562->3565 3566 401fd4 3567 401fe4 3566->3567 3568 401fd9 3566->3568 3567->3562 3578 406468 wsprintfW 3568->3578 3571 401fbf 3570->3571 3572 405b37 CloseHandle 3570->3572 3571->3562 3571->3565 3573 4069c0 WaitForSingleObject 3571->3573 3572->3571 3574 4069da 3573->3574 3575 4069ec GetExitCodeProcess 3574->3575 3579 406951 3574->3579 3575->3566 3578->3562 3580 40696e PeekMessageW 3579->3580 3581 406964 DispatchMessageW 3580->3581 3582 40697e WaitForSingleObject 3580->3582 3581->3580 3582->3574 3831 40252f 3842 402deb 3831->3842 3834 402dab 21 API calls 3835 402542 3834->3835 3836 40254d RegQueryValueExW 3835->3836 3841 402933 3835->3841 3837 402573 RegCloseKey 3836->3837 3838 40256d 3836->3838 3837->3841 3838->3837 3847 406468 wsprintfW 3838->3847 3843 402dab 21 API calls 3842->3843 3844 402e02 3843->3844 3845 40638e RegOpenKeyExW 3844->3845 3846 402539 3845->3846 3846->3834 3847->3837 4709 40202f 4710 402dab 21 API calls 4709->4710 4711 402036 4710->4711 4712 406915 5 API calls 4711->4712 4713 402045 4712->4713 4714 402061 GlobalAlloc 4713->4714 4716 4020d1 4713->4716 4715 402075 4714->4715 4714->4716 4717 406915 5 API calls 4715->4717 4718 40207c 4717->4718 4719 406915 5 API calls 4718->4719 4720 402086 4719->4720 4720->4716 4724 406468 wsprintfW 4720->4724 4722 4020bf 4725 406468 wsprintfW 4722->4725 4724->4722 4725->4716 4726 4021af 4727 402dab 21 API calls 4726->4727 4728 4021b6 4727->4728 4729 402dab 21 API calls 4728->4729 4730 4021c0 4729->4730 4731 402dab 21 API calls 4730->4731 4732 4021ca 4731->4732 4733 402dab 21 API calls 4732->4733 4734 4021d4 4733->4734 4735 402dab 21 API calls 4734->4735 4736 4021de 4735->4736 4737 40221d CoCreateInstance 4736->4737 4738 402dab 21 API calls 4736->4738 4741 40223c 4737->4741 4738->4737 4739 401423 28 API calls 4740 4022fb 4739->4740 4741->4739 4741->4740 4742 403bb1 4743 403bbc 4742->4743 4744 403bc0 4743->4744 4745 403bc3 GlobalAlloc 4743->4745 4745->4744 4753 401a35 4754 402dab 21 API calls 4753->4754 4755 401a3e ExpandEnvironmentStringsW 4754->4755 4756 401a52 4755->4756 4757 401a65 4755->4757 4756->4757 4758 401a57 lstrcmpW 4756->4758 4758->4757 4764 4023b7 4765 4023bf 4764->4765 4766 4023c5 4764->4766 4767 402dab 21 API calls 4765->4767 4768 402dab 21 API calls 4766->4768 4770 4023d3 4766->4770 4767->4766 4768->4770 4769 4023e1 4772 402dab 21 API calls 4769->4772 4770->4769 4771 402dab 21 API calls 4770->4771 4771->4769 4773 4023ea WritePrivateProfileStringW 4772->4773 4774 4014b8 4775 4014be 4774->4775 4776 401389 2 API calls 4775->4776 4777 4014c6 4776->4777 4778 402439 4779 402441 4778->4779 4780 40246c 4778->4780 4782 402deb 21 API calls 4779->4782 4781 402dab 21 API calls 4780->4781 4784 402473 4781->4784 4783 402448 4782->4783 4786 402dab 21 API calls 4783->4786 4788 402480 4783->4788 4789 402e69 4784->4789 4787 402459 RegDeleteValueW RegCloseKey 4786->4787 4787->4788 4790 402e7d 4789->4790 4792 402e76 4789->4792 4790->4792 4793 402eae 4790->4793 4792->4788 4794 40638e RegOpenKeyExW 4793->4794 4795 402edc 4794->4795 4796 402eec RegEnumValueW 4795->4796 4797 402f0f 4795->4797 4804 402f86 4795->4804 4796->4797 4798 402f76 RegCloseKey 4796->4798 4797->4798 4799 402f4b RegEnumKeyW 4797->4799 4800 402f54 RegCloseKey 4797->4800 4802 402eae 6 API calls 4797->4802 4798->4804 4799->4797 4799->4800 4801 406915 5 API calls 4800->4801 4803 402f64 4801->4803 4802->4797 4803->4804 4805 402f68 RegDeleteKeyW 4803->4805 4804->4792 4805->4804 4806 40173a 4807 402dab 21 API calls 4806->4807 4808 401741 SearchPathW 4807->4808 4809 40175c 4808->4809 4810 401d3d 4811 402d89 21 API calls 4810->4811 4812 401d44 4811->4812 4813 402d89 21 API calls 4812->4813 4814 401d50 GetDlgItem 4813->4814 4815 40263d 4814->4815 4816 406c3f 4818 406ac3 4816->4818 4817 40742e 4818->4817 4819 406b44 GlobalFree 4818->4819 4820 406b4d GlobalAlloc 4818->4820 4821 406bc4 GlobalAlloc 4818->4821 4822 406bbb GlobalFree 4818->4822 4819->4820 4820->4817 4820->4818 4821->4817 4821->4818 4822->4821

                                                                                                                                                                                                                                                                                                                                    Executed Functions

                                                                                                                                                                                                                                                                                                                                    Function 004034FC Relevance: 82.7, APIs: 32, Strings: 15, Instructions: 464stringfilecomCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 0 4034fc-40354e SetErrorMode GetVersionExW 1 403550-403580 GetVersionExW 0->1 2 403588-40358d 0->2 1->2 3 403595-4035d7 2->3 4 40358f 2->4 5 4035d9-4035e1 call 406915 3->5 6 4035ea 3->6 4->3 5->6 11 4035e3 5->11 8 4035ef-403603 call 4068a5 lstrlenA 6->8 13 403605-403621 call 406915 * 3 8->13 11->6 20 403632-403696 #17 OleInitialize SHGetFileInfoW call 406521 GetCommandLineW call 406521 13->20 21 403623-403629 13->21 28 403698-40369a 20->28 29 40369f-4036b3 call 405e1d CharNextW 20->29 21->20 25 40362b 21->25 25->20 28->29 32 4037ae-4037b4 29->32 33 4036b8-4036be 32->33 34 4037ba 32->34 35 4036c0-4036c5 33->35 36 4036c7-4036ce 33->36 37 4037ce-4037e8 GetTempPathW call 4034cb 34->37 35->35 35->36 38 4036d0-4036d5 36->38 39 4036d6-4036da 36->39 47 403840-40385a DeleteFileW call 403082 37->47 48 4037ea-403808 GetWindowsDirectoryW lstrcatW call 4034cb 37->48 38->39 41 4036e0-4036e6 39->41 42 40379b-4037aa call 405e1d 39->42 45 403700-403739 41->45 46 4036e8-4036ef 41->46 42->32 59 4037ac-4037ad 42->59 54 403756-403790 45->54 55 40373b-403740 45->55 52 4036f1-4036f4 46->52 53 4036f6 46->53 64 403860-403866 47->64 65 403a47-403a57 call 403b19 OleUninitialize 47->65 48->47 62 40380a-40383a GetTempPathW lstrcatW SetEnvironmentVariableW * 2 call 4034cb 48->62 52->45 52->53 53->45 57 403792-403796 54->57 58 403798-40379a 54->58 55->54 61 403742-40374a 55->61 57->58 63 4037bc-4037c9 call 406521 57->63 58->42 59->32 66 403751 61->66 67 40374c-40374f 61->67 62->47 62->65 63->37 70 40386c-403877 call 405e1d 64->70 71 4038ff-403906 call 403bf3 64->71 77 403a59-403a69 call 405b81 ExitProcess 65->77 78 403a7d-403a83 65->78 66->54 67->54 67->66 82 4038c5-4038cf 70->82 83 403879-4038ae 70->83 80 40390b-40390f 71->80 84 403b01-403b09 78->84 85 403a85-403a9b GetCurrentProcess OpenProcessToken 78->85 80->65 86 4038d1-4038df call 405ef8 82->86 87 403914-40393a call 405aec lstrlenW call 406521 82->87 91 4038b0-4038b4 83->91 88 403b0b 84->88 89 403b0f-403b13 ExitProcess 84->89 92 403ad1-403adf call 406915 85->92 93 403a9d-403acb LookupPrivilegeValueW AdjustTokenPrivileges 85->93 86->65 106 4038e5-4038fb call 406521 * 2 86->106 110 40394b-403963 87->110 111 40393c-403946 call 406521 87->111 88->89 97 4038b6-4038bb 91->97 98 4038bd-4038c1 91->98 104 403ae1-403aeb 92->104 105 403aed-403af8 ExitWindowsEx 92->105 93->92 97->98 99 4038c3 97->99 98->91 98->99 99->82 104->105 108 403afa-403afc call 40140b 104->108 105->84 105->108 106->71 108->84 116 403968-40396c 110->116 111->110 118 403971-40399b wsprintfW call 40655e 116->118 122 4039a4 call 405acf 118->122 123 40399d-4039a2 call 405a75 118->123 127 4039a9-4039ab 122->127 123->127 128 4039e7-403a06 SetCurrentDirectoryW call 4062e1 CopyFileW 127->128 129 4039ad-4039b7 GetFileAttributesW 127->129 137 403a45 128->137 138 403a08-403a29 call 4062e1 call 40655e call 405b04 128->138 130 4039d8-4039e3 129->130 131 4039b9-4039c2 DeleteFileW 129->131 130->116 134 4039e5 130->134 131->130 133 4039c4-4039d6 call 405c2d 131->133 133->118 133->130 134->65 137->65 146 403a2b-403a35 138->146 147 403a6f-403a7b CloseHandle 138->147 146->137 148 403a37-403a3f call 40687e 146->148 147->137 148->118 148->137
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SetErrorMode.KERNELBASE ref: 0040351F
                                                                                                                                                                                                                                                                                                                                    • GetVersionExW.KERNEL32(?,?,?,?,?,?,?,?), ref: 0040354A
                                                                                                                                                                                                                                                                                                                                    • GetVersionExW.KERNEL32(?,?,?,?,?,?,?,?,?), ref: 0040355D
                                                                                                                                                                                                                                                                                                                                    • lstrlenA.KERNEL32(UXTHEME,UXTHEME,?,?,?,?,?,?,?,?), ref: 004035F6
                                                                                                                                                                                                                                                                                                                                    • #17.COMCTL32(?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403633
                                                                                                                                                                                                                                                                                                                                    • OleInitialize.OLE32(00000000), ref: 0040363A
                                                                                                                                                                                                                                                                                                                                    • SHGetFileInfoW.SHELL32(00420EC8,00000000,?,000002B4,00000000), ref: 00403659
                                                                                                                                                                                                                                                                                                                                    • GetCommandLineW.KERNEL32(00428A20,NSIS Error,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 0040366E
                                                                                                                                                                                                                                                                                                                                    • CharNextW.USER32(00000000,"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe",00000020,"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe",00000000,?,00000008,0000000A,0000000C), ref: 004036A7
                                                                                                                                                                                                                                                                                                                                    • GetTempPathW.KERNEL32(00000400,C:\Users\user~1\AppData\Local\Temp\,00000000,00008001,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 004037DF
                                                                                                                                                                                                                                                                                                                                    • GetWindowsDirectoryW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,000003FB,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 004037F0
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,\Temp), ref: 004037FC
                                                                                                                                                                                                                                                                                                                                    • GetTempPathW.KERNEL32(000003FC,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,\Temp,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403810
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,Low), ref: 00403818
                                                                                                                                                                                                                                                                                                                                    • SetEnvironmentVariableW.KERNEL32(TEMP,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,Low,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403829
                                                                                                                                                                                                                                                                                                                                    • SetEnvironmentVariableW.KERNEL32(TMP,C:\Users\user~1\AppData\Local\Temp\,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403831
                                                                                                                                                                                                                                                                                                                                    • DeleteFileW.KERNELBASE(1033,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403845
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe",00000000,?,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 0040391E
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406521: lstrcpynW.KERNEL32(?,?,00000400,0040366E,00428A20,NSIS Error,?,00000008,0000000A,0000000C), ref: 0040652E
                                                                                                                                                                                                                                                                                                                                    • wsprintfW.USER32 ref: 0040397B
                                                                                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNEL32(0042C800,C:\Users\user~1\AppData\Local\Temp\), ref: 004039AE
                                                                                                                                                                                                                                                                                                                                    • DeleteFileW.KERNEL32(0042C800), ref: 004039BA
                                                                                                                                                                                                                                                                                                                                    • SetCurrentDirectoryW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\), ref: 004039E8
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004062E1: MoveFileExW.KERNEL32(?,?,00000005,00405DDF,?,00000000,000000F1,?,?,?,?,?), ref: 004062EB
                                                                                                                                                                                                                                                                                                                                    • CopyFileW.KERNEL32(C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe,0042C800,00000001,C:\Users\user~1\AppData\Local\Temp\,00000000), ref: 004039FE
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405B04: CreateProcessW.KERNELBASE(00000000,0042C800,00000000,00000000,00000000,04000000,00000000,00000000,00425F10,?,?,?,0042C800,?), ref: 00405B2D
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405B04: CloseHandle.KERNEL32(?,?,?,0042C800,?), ref: 00405B3A
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 0040687E: FindFirstFileW.KERNELBASE(771B3420,00425F58,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,00405F41,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,00000000,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,771B3420,?,C:\Users\user~1\AppData\Local\Temp\,00405C4D,?,771B3420,C:\Users\user~1\AppData\Local\Temp\), ref: 00406889
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 0040687E: FindClose.KERNEL32(00000000), ref: 00406895
                                                                                                                                                                                                                                                                                                                                    • OleUninitialize.OLE32(?,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403A4C
                                                                                                                                                                                                                                                                                                                                    • ExitProcess.KERNEL32 ref: 00403A69
                                                                                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,0042D000,0042D000,?,0042C800,00000000), ref: 00403A70
                                                                                                                                                                                                                                                                                                                                    • GetCurrentProcess.KERNEL32(00000028,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403A8C
                                                                                                                                                                                                                                                                                                                                    • OpenProcessToken.ADVAPI32(00000000,?,?,?,?,?,?,?,?), ref: 00403A93
                                                                                                                                                                                                                                                                                                                                    • LookupPrivilegeValueW.ADVAPI32(00000000,SeShutdownPrivilege,?), ref: 00403AA8
                                                                                                                                                                                                                                                                                                                                    • AdjustTokenPrivileges.ADVAPI32(?,00000000,?,00000000,00000000,00000000,?,?,?,?,?,?,?,?), ref: 00403ACB
                                                                                                                                                                                                                                                                                                                                    • ExitWindowsEx.USER32(00000002,80040002), ref: 00403AF0
                                                                                                                                                                                                                                                                                                                                    • ExitProcess.KERNEL32 ref: 00403B13
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405ACF: CreateDirectoryW.KERNELBASE(?,00000000,004034EF,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,004037E6,?,00000008,0000000A,0000000C), ref: 00405AD5
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: File$Process$CloseDirectoryExit$CreateCurrentDeleteEnvironmentFindHandlePathTempTokenVariableVersionWindowslstrcatlstrlen$AdjustAttributesCharCommandCopyErrorFirstInfoInitializeLineLookupModeMoveNextOpenPrivilegePrivilegesUninitializeValuelstrcpynwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe"$1033$C:\Users\user~1\AppData\Local\Temp\$C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp$C:\Users\user\Desktop$C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe$Error launching installer$Low$NSIS Error$SeShutdownPrivilege$TEMP$TMP$UXTHEME$\Temp$~nsu%X.tmp
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1813718867-697696039
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 29aa30fcb600f5c8a5383c7116afafb794e17da889116137ed8fec584551b587
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: bee44f309595f2ff458e9cecae568de25c9667724a66d0f49069eb89ae1a0629
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 29aa30fcb600f5c8a5383c7116afafb794e17da889116137ed8fec584551b587
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: FDF10170204301ABD720AF659D05B2B3EE8EB8570AF11483EF581B62D1DB7DCA45CB6E
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405C2D Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 148filestringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 292 405c2d-405c53 call 405ef8 295 405c55-405c67 DeleteFileW 292->295 296 405c6c-405c73 292->296 297 405de9-405ded 295->297 298 405c75-405c77 296->298 299 405c86-405c96 call 406521 296->299 300 405d97-405d9c 298->300 301 405c7d-405c80 298->301 305 405ca5-405ca6 call 405e3c 299->305 306 405c98-405ca3 lstrcatW 299->306 300->297 304 405d9e-405da1 300->304 301->299 301->300 307 405da3-405da9 304->307 308 405dab-405db3 call 40687e 304->308 309 405cab-405caf 305->309 306->309 307->297 308->297 315 405db5-405dc9 call 405df0 call 405be5 308->315 312 405cb1-405cb9 309->312 313 405cbb-405cc1 lstrcatW 309->313 312->313 316 405cc6-405ce2 lstrlenW FindFirstFileW 312->316 313->316 332 405de1-405de4 call 4055a6 315->332 333 405dcb-405dce 315->333 318 405ce8-405cf0 316->318 319 405d8c-405d90 316->319 320 405d10-405d24 call 406521 318->320 321 405cf2-405cfa 318->321 319->300 323 405d92 319->323 334 405d26-405d2e 320->334 335 405d3b-405d46 call 405be5 320->335 324 405cfc-405d04 321->324 325 405d6f-405d7f FindNextFileW 321->325 323->300 324->320 328 405d06-405d0e 324->328 325->318 331 405d85-405d86 FindClose 325->331 328->320 328->325 331->319 332->297 333->307 336 405dd0-405ddf call 4055a6 call 4062e1 333->336 334->325 337 405d30-405d39 call 405c2d 334->337 345 405d67-405d6a call 4055a6 335->345 346 405d48-405d4b 335->346 336->297 337->325 345->325 349 405d4d-405d5d call 4055a6 call 4062e1 346->349 350 405d5f-405d65 346->350 349->325 350->325
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • DeleteFileW.KERNELBASE(?,?,771B3420,C:\Users\user~1\AppData\Local\Temp\,"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe"), ref: 00405C56
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(00424F10,\*.*), ref: 00405C9E
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(?,0040A014), ref: 00405CC1
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(?,?,0040A014,?,00424F10,?,?,771B3420,C:\Users\user~1\AppData\Local\Temp\,"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe"), ref: 00405CC7
                                                                                                                                                                                                                                                                                                                                    • FindFirstFileW.KERNEL32(00424F10,?,?,?,0040A014,?,00424F10,?,?,771B3420,C:\Users\user~1\AppData\Local\Temp\,"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe"), ref: 00405CD7
                                                                                                                                                                                                                                                                                                                                    • FindNextFileW.KERNEL32(00000000,00000010,000000F2,?,?,?,?,0000002E), ref: 00405D77
                                                                                                                                                                                                                                                                                                                                    • FindClose.KERNEL32(00000000), ref: 00405D86
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • \*.*, xrefs: 00405C98
                                                                                                                                                                                                                                                                                                                                    • "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe", xrefs: 00405C36
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\, xrefs: 00405C3A
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: FileFind$lstrcat$CloseDeleteFirstNextlstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe"$C:\Users\user~1\AppData\Local\Temp\$\*.*
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2035342205-1802767404
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 0b85f367639a69f5b614f98777155fba44d4349fb39831c7af8fd38ecdabae30
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: aec485693c4c1533f42b9347a66a6bbcb57ea8568fe9c979ecac7928daa7b7f5
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 0b85f367639a69f5b614f98777155fba44d4349fb39831c7af8fd38ecdabae30
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 8741D230801A14BADB31BB659D4DAAF7678EF41718F14813FF801B11D5D77C8A829EAE
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040687E Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 14fileCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 499 40687e-406892 FindFirstFileW 500 406894-40689d FindClose 499->500 501 40689f 499->501 502 4068a1-4068a2 500->502 501->502
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • FindFirstFileW.KERNELBASE(771B3420,00425F58,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,00405F41,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,00000000,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,771B3420,?,C:\Users\user~1\AppData\Local\Temp\,00405C4D,?,771B3420,C:\Users\user~1\AppData\Local\Temp\), ref: 00406889
                                                                                                                                                                                                                                                                                                                                    • FindClose.KERNEL32(00000000), ref: 00406895
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp, xrefs: 0040687E
                                                                                                                                                                                                                                                                                                                                    • X_B, xrefs: 0040687F
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Find$CloseFileFirst
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp$X_B
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2295610775-928036613
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 368a1c0a689282c2aa5195ddf357efb180b92b440bed087baa82a07527058284
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 6d56574ea64d1328abe48e6f64e5cab5a12c2004fb3b9259b4ed260009733db8
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 368a1c0a689282c2aa5195ddf357efb180b92b440bed087baa82a07527058284
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: AFD0123250A5205BC6406B386E0C84B7A58AF553717268A36F5AAF21E0CB788C6696AC
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406C3F Relevance: 5.4, APIs: 4, Instructions: 382COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 503 406c3f-406c44 504 406cb5-406cd3 503->504 505 406c46-406c75 503->505 508 4072ab-4072c0 504->508 506 406c77-406c7a 505->506 507 406c7c-406c80 505->507 509 406c8c-406c8f 506->509 510 406c82-406c86 507->510 511 406c88 507->511 512 4072c2-4072d8 508->512 513 4072da-4072f0 508->513 514 406c91-406c9a 509->514 515 406cad-406cb0 509->515 510->509 511->509 516 4072f3-4072fa 512->516 513->516 517 406c9c 514->517 518 406c9f-406cab 514->518 519 406e82-406ea0 515->519 520 407321-40732d 516->520 521 4072fc-407300 516->521 517->518 525 406d15-406d43 518->525 523 406ea2-406eb6 519->523 524 406eb8-406eca 519->524 528 406ac3-406acc 520->528 526 407306-40731e 521->526 527 4074af-4074b9 521->527 529 406ecd-406ed7 523->529 524->529 531 406d45-406d5d 525->531 532 406d5f-406d79 525->532 526->520 530 4074c5-4074d8 527->530 534 406ad2 528->534 535 4074da 528->535 537 406ed9 529->537 538 406e7a-406e80 529->538 536 4074dd-4074e1 530->536 533 406d7c-406d86 531->533 532->533 540 406d8c 533->540 541 406cfd-406d03 533->541 542 406ad9-406add 534->542 543 406c19-406c3a 534->543 544 406b7e-406b82 534->544 545 406bee-406bf2 534->545 535->536 557 407461-40746b 537->557 558 406e5f-406e77 537->558 538->519 539 406e1e-406e28 538->539 551 40746d-407477 539->551 552 406e2e-406ff7 539->552 563 406ce2-406cfa 540->563 564 407449-407453 540->564 553 406db6-406dbc 541->553 554 406d09-406d0f 541->554 542->530 548 406ae3-406af0 542->548 543->508 555 406b88-406ba1 544->555 556 40742e-407438 544->556 549 406bf8-406c0c 545->549 550 40743d-407447 545->550 548->535 559 406af6-406b3c 548->559 560 406c0f-406c17 549->560 550->530 551->530 552->508 552->528 561 406e1a 553->561 562 406dbe-406ddc 553->562 554->525 554->561 566 406ba4-406ba8 555->566 556->530 557->530 558->538 567 406b64-406b66 559->567 568 406b3e-406b42 559->568 560->543 560->545 561->539 569 406df4-406e06 562->569 570 406dde-406df2 562->570 563->541 564->530 566->544 571 406baa-406bb0 566->571 577 406b74-406b7c 567->577 578 406b68-406b72 567->578 574 406b44-406b47 GlobalFree 568->574 575 406b4d-406b5b GlobalAlloc 568->575 576 406e09-406e13 569->576 570->576 572 406bb2-406bb9 571->572 573 406bda-406bec 571->573 579 406bc4-406bd4 GlobalAlloc 572->579 580 406bbb-406bbe GlobalFree 572->580 573->560 574->575 575->535 581 406b61 575->581 576->553 582 406e15 576->582 577->566 578->577 578->578 579->535 579->573 580->579 581->567 584 407455-40745f 582->584 585 406d9b-406db3 582->585 584->530 585->553
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 8964584eaf82ae0cb152a3b9d71f3809ce5605a589357672a1976e67bd0135b4
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 98dfc50ccd9688b87079ede1b44bfc78bfb7a95d74622a08e623e0ee65e5f8c5
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8964584eaf82ae0cb152a3b9d71f3809ce5605a589357672a1976e67bd0135b4
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: B2F17870D04229CBDF28CFA8C8946ADBBB0FF44305F25816ED456BB281D7786A86CF45
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00403BF3 Relevance: 44.0, APIs: 13, Strings: 12, Instructions: 215stringregistryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 151 403bf3-403c0b call 406915 154 403c0d-403c1d call 406468 151->154 155 403c1f-403c56 call 4063ef 151->155 164 403c79-403ca2 call 403ec9 call 405ef8 154->164 160 403c58-403c69 call 4063ef 155->160 161 403c6e-403c74 lstrcatW 155->161 160->161 161->164 169 403d34-403d3c call 405ef8 164->169 170 403ca8-403cad 164->170 176 403d4a-403d6f LoadImageW 169->176 177 403d3e-403d45 call 40655e 169->177 170->169 171 403cb3-403cdb call 4063ef 170->171 171->169 178 403cdd-403ce1 171->178 180 403df0-403df8 call 40140b 176->180 181 403d71-403da1 RegisterClassW 176->181 177->176 182 403cf3-403cff lstrlenW 178->182 183 403ce3-403cf0 call 405e1d 178->183 194 403e02-403e0d call 403ec9 180->194 195 403dfa-403dfd 180->195 184 403da7-403deb SystemParametersInfoW CreateWindowExW 181->184 185 403ebf 181->185 189 403d01-403d0f lstrcmpiW 182->189 190 403d27-403d2f call 405df0 call 406521 182->190 183->182 184->180 188 403ec1-403ec8 185->188 189->190 193 403d11-403d1b GetFileAttributesW 189->193 190->169 197 403d21-403d22 call 405e3c 193->197 198 403d1d-403d1f 193->198 204 403e13-403e2d ShowWindow call 4068a5 194->204 205 403e96-403e9e call 405679 194->205 195->188 197->190 198->190 198->197 210 403e39-403e4b GetClassInfoW 204->210 211 403e2f-403e34 call 4068a5 204->211 212 403ea0-403ea6 205->212 213 403eb8-403eba call 40140b 205->213 217 403e63-403e94 DialogBoxParamW call 40140b call 403b43 210->217 218 403e4d-403e5d GetClassInfoW RegisterClassW 210->218 211->210 212->195 214 403eac-403eb3 call 40140b 212->214 213->185 214->195 217->188 218->217
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406915: GetModuleHandleA.KERNEL32(?,00000020,?,0040360C,0000000C,?,?,?,?,?,?,?,?), ref: 00406927
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406915: GetProcAddress.KERNEL32(00000000,?), ref: 00406942
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(1033,00422F08), ref: 00403C74
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32("C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=,?,?,?,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=,00000000,00434800,1033,00422F08,80000001,Control Panel\Desktop\ResourceLocale,00000000,00422F08,00000000,00000002,771B3420), ref: 00403CF4
                                                                                                                                                                                                                                                                                                                                    • lstrcmpiW.KERNEL32(?,.exe,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=,?,?,?,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=,00000000,00434800,1033,00422F08,80000001,Control Panel\Desktop\ResourceLocale,00000000,00422F08,00000000), ref: 00403D07
                                                                                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNEL32("C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=), ref: 00403D12
                                                                                                                                                                                                                                                                                                                                    • LoadImageW.USER32(00000067,00000001,00000000,00000000,00008040,00434800), ref: 00403D5B
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406468: wsprintfW.USER32 ref: 00406475
                                                                                                                                                                                                                                                                                                                                    • RegisterClassW.USER32(004289C0), ref: 00403D98
                                                                                                                                                                                                                                                                                                                                    • SystemParametersInfoW.USER32(00000030,00000000,?,00000000), ref: 00403DB0
                                                                                                                                                                                                                                                                                                                                    • CreateWindowExW.USER32(00000080,_Nb,00000000,80000000,?,?,?,?,00000000,00000000,00000000), ref: 00403DE5
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(00000005,00000000), ref: 00403E1B
                                                                                                                                                                                                                                                                                                                                    • GetClassInfoW.USER32(00000000,RichEdit20W,004289C0), ref: 00403E47
                                                                                                                                                                                                                                                                                                                                    • GetClassInfoW.USER32(00000000,RichEdit,004289C0), ref: 00403E54
                                                                                                                                                                                                                                                                                                                                    • RegisterClassW.USER32(004289C0), ref: 00403E5D
                                                                                                                                                                                                                                                                                                                                    • DialogBoxParamW.USER32(?,00000000,00403FA1,00000000), ref: 00403E7C
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Class$Info$RegisterWindow$AddressAttributesCreateDialogFileHandleImageLoadModuleParamParametersProcShowSystemlstrcatlstrcmpilstrlenwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=$"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe"$.DEFAULT\Control Panel\International$.exe$1033$C:\Users\user~1\AppData\Local\Temp\$Control Panel\Desktop\ResourceLocale$RichEd20$RichEd32$RichEdit$RichEdit20W$_Nb
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1975747703-3519440343
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 0ef04955f1a6976a10593322067df9edaff6e7f7a832361b73f8beed2d85b6c9
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 6a74b9b34ded998ebd2751605f77428bf44f11e359ee0ac59d58ca77ea789e65
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 0ef04955f1a6976a10593322067df9edaff6e7f7a832361b73f8beed2d85b6c9
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 2C61B770200740BAD620AF669D46F2B3A7CEB84B45F81453FF941B61E2CB7D5942CB6D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00403082 Relevance: 24.7, APIs: 5, Strings: 9, Instructions: 181memoryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 225 403082-4030d0 GetTickCount GetModuleFileNameW call 406011 228 4030d2-4030d7 225->228 229 4030dc-40310a call 406521 call 405e3c call 406521 GetFileSize 225->229 230 4032b2-4032b6 228->230 237 403110 229->237 238 4031f5-403203 call 40301e 229->238 240 403115-40312c 237->240 244 403205-403208 238->244 245 403258-40325d 238->245 242 403130-403139 call 40349e 240->242 243 40312e 240->243 251 40325f-403267 call 40301e 242->251 252 40313f-403146 242->252 243->242 247 40320a-403222 call 4034b4 call 40349e 244->247 248 40322c-403256 GlobalAlloc call 4034b4 call 4032b9 244->248 245->230 247->245 271 403224-40322a 247->271 248->245 276 403269-40327a 248->276 251->245 256 4031c2-4031c6 252->256 257 403148-40315c call 405fcc 252->257 261 4031d0-4031d6 256->261 262 4031c8-4031cf call 40301e 256->262 257->261 274 40315e-403165 257->274 267 4031e5-4031ed 261->267 268 4031d8-4031e2 call 406a02 261->268 262->261 267->240 275 4031f3 267->275 268->267 271->245 271->248 274->261 280 403167-40316e 274->280 275->238 277 403282-403287 276->277 278 40327c 276->278 281 403288-40328e 277->281 278->277 280->261 282 403170-403177 280->282 281->281 283 403290-4032ab SetFilePointer call 405fcc 281->283 282->261 284 403179-403180 282->284 288 4032b0 283->288 284->261 285 403182-4031a2 284->285 285->245 287 4031a8-4031ac 285->287 289 4031b4-4031bc 287->289 290 4031ae-4031b2 287->290 288->230 289->261 291 4031be-4031c0 289->291 290->275 290->289 291->261
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetTickCount.KERNEL32 ref: 00403093
                                                                                                                                                                                                                                                                                                                                    • GetModuleFileNameW.KERNEL32(00000000,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe,00000400), ref: 004030AF
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406011: GetFileAttributesW.KERNELBASE(00000003,004030C2,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe,80000000,00000003), ref: 00406015
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406011: CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000), ref: 00406037
                                                                                                                                                                                                                                                                                                                                    • GetFileSize.KERNEL32(00000000,00000000,00438000,00000000,C:\Users\user\Desktop,C:\Users\user\Desktop,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe,80000000,00000003), ref: 004030FB
                                                                                                                                                                                                                                                                                                                                    • GlobalAlloc.KERNELBASE(00000040,?), ref: 00403231
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • Null, xrefs: 00403179
                                                                                                                                                                                                                                                                                                                                    • soft, xrefs: 00403170
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe, xrefs: 00403099, 004030A8, 004030BC, 004030DC
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user\Desktop, xrefs: 004030DD, 004030E2, 004030E8
                                                                                                                                                                                                                                                                                                                                    • "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe", xrefs: 00403088
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\, xrefs: 00403089
                                                                                                                                                                                                                                                                                                                                    • Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author , xrefs: 00403258
                                                                                                                                                                                                                                                                                                                                    • Error launching installer, xrefs: 004030D2
                                                                                                                                                                                                                                                                                                                                    • Inst, xrefs: 00403167
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: File$AllocAttributesCountCreateGlobalModuleNameSizeTick
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe"$C:\Users\user~1\AppData\Local\Temp\$C:\Users\user\Desktop$C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe$Error launching installer$Inst$Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author $Null$soft
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2803837635-2439772884
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: f6f149303cde104692999693530b98443d3dd0b2c967e283c98aa5a581eac7be
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 0271efb430f2efbe2fca7880162b12dddab7439e54d706f300c55aed9b32fb97
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: f6f149303cde104692999693530b98443d3dd0b2c967e283c98aa5a581eac7be
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 7B51C071A01304ABDB209F65DD85B9E7FACAB09316F10407BF904B62D1D7789E818B5D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401774 Relevance: 15.9, APIs: 5, Strings: 4, Instructions: 145stringtimeCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 356 401774-401799 call 402dab call 405e67 361 4017a3-4017b5 call 406521 call 405df0 lstrcatW 356->361 362 40179b-4017a1 call 406521 356->362 367 4017ba-4017bb call 4067cf 361->367 362->367 371 4017c0-4017c4 367->371 372 4017c6-4017d0 call 40687e 371->372 373 4017f7-4017fa 371->373 380 4017e2-4017f4 372->380 381 4017d2-4017e0 CompareFileTime 372->381 374 401802-40181e call 406011 373->374 375 4017fc-4017fd call 405fec 373->375 383 401820-401823 374->383 384 401892-4018bb call 4055a6 call 4032b9 374->384 375->374 380->373 381->380 385 401874-40187e call 4055a6 383->385 386 401825-401863 call 406521 * 2 call 40655e call 406521 call 405b81 383->386 396 4018c3-4018cf SetFileTime 384->396 397 4018bd-4018c1 384->397 398 401887-40188d 385->398 386->371 418 401869-40186a 386->418 400 4018d5-4018e0 FindCloseChangeNotification 396->400 397->396 397->400 401 402c38 398->401 404 4018e6-4018e9 400->404 405 402c2f-402c32 400->405 406 402c3a-402c3e 401->406 408 4018eb-4018fc call 40655e lstrcatW 404->408 409 4018fe-401901 call 40655e 404->409 405->401 415 401906-4023a7 call 405b81 408->415 409->415 415->405 415->406 418->398 420 40186c-40186d 418->420 420->385
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(00000000,00000000), ref: 004017B5
                                                                                                                                                                                                                                                                                                                                    • CompareFileTime.KERNEL32(-00000014,?,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=,00000000,00000000,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,?,?,00000031), ref: 004017DA
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406521: lstrcpynW.KERNEL32(?,?,00000400,0040366E,00428A20,NSIS Error,?,00000008,0000000A,0000000C), ref: 0040652E
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004055A6: lstrlenW.KERNEL32(00421EE8,00000000,006E2E52,00000000,?,?,?,?,?,?,?,?,?,004033F2,00000000,?), ref: 004055DE
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004055A6: lstrlenW.KERNEL32(004033F2,00421EE8,00000000,006E2E52,00000000,?,?,?,?,?,?,?,?,?,004033F2,00000000), ref: 004055EE
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004055A6: lstrcatW.KERNEL32(00421EE8,004033F2), ref: 00405601
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004055A6: SetWindowTextW.USER32(00421EE8,00421EE8), ref: 00405613
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004055A6: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405639
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004055A6: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 00405653
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004055A6: SendMessageW.USER32(?,00001013,?,00000000), ref: 00405661
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend$lstrcatlstrlen$CompareFileTextTimeWindowlstrcpyn
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=$$VersionToInstall$C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp$C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1941528284-1116261709
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: fee3e7ed0ab5e121637f04a725511c5a0f25f3915fa7b28c3905e20eb0eb94be
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 1777f765e23ed303a4c4324df0f40fc052c607b9e3f25272d24a03cacca2a4dc
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: fee3e7ed0ab5e121637f04a725511c5a0f25f3915fa7b28c3905e20eb0eb94be
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 9E41A531900509BACF117BA9DD86DAF3AB5EF45328B20423FF512B10E1DB3C8A52966D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004032B9 Relevance: 10.7, APIs: 4, Strings: 2, Instructions: 155COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 422 4032b9-4032d0 423 4032d2 422->423 424 4032d9-4032e1 422->424 423->424 425 4032e3 424->425 426 4032e8-4032ed 424->426 425->426 427 4032fd-40330a call 40349e 426->427 428 4032ef-4032f8 call 4034b4 426->428 432 403310-403314 427->432 433 403455 427->433 428->427 435 40331a-40333a GetTickCount call 406a70 432->435 436 40343e-403440 432->436 434 403457-403458 433->434 437 403497-40349b 434->437 448 403494 435->448 450 403340-403348 435->450 438 403442-403445 436->438 439 403489-40348d 436->439 441 403447 438->441 442 40344a-403453 call 40349e 438->442 443 40345a-403460 439->443 444 40348f 439->444 441->442 442->433 455 403491 442->455 446 403462 443->446 447 403465-403473 call 40349e 443->447 444->448 446->447 447->433 459 403475-40347a call 4060c3 447->459 448->437 453 40334a 450->453 454 40334d-40335b call 40349e 450->454 453->454 454->433 460 403361-40336a 454->460 455->448 463 40347f-403481 459->463 462 403370-403383 call 406a90 460->462 467 403388-40338d 462->467 465 403483-403486 463->465 466 40343a-40343c 463->466 465->439 466->434 468 403393-4033aa GetTickCount 467->468 469 403436-403438 467->469 470 4033f5-4033f7 468->470 471 4033ac-4033b4 468->471 469->434 474 4033f9-4033fd 470->474 475 40342a-40342e 470->475 472 4033b6-4033ba 471->472 473 4033bc-4033f2 MulDiv wsprintfW call 4055a6 471->473 472->470 472->473 473->470 478 403412-403418 474->478 479 4033ff-40340b call 4060c3 474->479 475->450 476 403434 475->476 476->448 481 40341e-403422 478->481 479->466 485 40340d-403410 479->485 481->462 484 403428 481->484 484->448 485->481
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CountTick$wsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: ... %d%%$R.n
                                                                                                                                                                                                                                                                                                                                    • API String ID: 551687249-4228934761
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 05f4ba2d2f2a4a5dfa404d26d053dcd1f9bdf675e575ac8564198bce70fe1ccc
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 25ee467b37f7358b1d8943912f63d539eb3ef7c07a249f5ee2dc3eaa61b9464a
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 05f4ba2d2f2a4a5dfa404d26d053dcd1f9bdf675e575ac8564198bce70fe1ccc
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5B518E31900219EBCB11DF65DA44BAF3FA8AB40726F14417BF804BB2C1D7789E408BA9
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004068A5 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 36libraryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 486 4068a5-4068c5 GetSystemDirectoryW 487 4068c7 486->487 488 4068c9-4068cb 486->488 487->488 489 4068dc-4068de 488->489 490 4068cd-4068d6 488->490 492 4068df-406912 wsprintfW LoadLibraryExW 489->492 490->489 491 4068d8-4068da 490->491 491->492
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetSystemDirectoryW.KERNEL32(?,00000104), ref: 004068BC
                                                                                                                                                                                                                                                                                                                                    • wsprintfW.USER32 ref: 004068F7
                                                                                                                                                                                                                                                                                                                                    • LoadLibraryExW.KERNELBASE(?,00000000,00000008), ref: 0040690B
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: DirectoryLibraryLoadSystemwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: %s%S.dll$UXTHEME
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2200240437-1106614640
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 7a73cbb44207cafadb11ab8eaaa41fd963bfa172cfc882b2dd9c54e233860d96
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: d40490b37a95929041f6b14fe17981fa15644a851550e805e000283098582d10
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 7a73cbb44207cafadb11ab8eaaa41fd963bfa172cfc882b2dd9c54e233860d96
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 41F0FC31511119AACF10BB64DD0DF9B375C9B00305F10847AE546F10D0EB789A68CBA8
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406040 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 37COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 493 406040-40604c 494 40604d-406081 GetTickCount GetTempFileNameW 493->494 495 406090-406092 494->495 496 406083-406085 494->496 498 40608a-40608d 495->498 496->494 497 406087 496->497 497->498
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetTickCount.KERNEL32 ref: 0040605E
                                                                                                                                                                                                                                                                                                                                    • GetTempFileNameW.KERNELBASE(?,?,00000000,?,?,?,00000000,004034FA,1033,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,004037E6), ref: 00406079
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CountFileNameTempTick
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user~1\AppData\Local\Temp\$nsa
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1716503409-3083371207
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 017de5c5da22b1c6cf72d7a8a287ef2c48f88e3ac937424cf3c6df762bd8e462
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 4304e6ca34acc2e603ac9508cdf3fa98200610ac432ccd05af3fd9fdb7d66135
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 017de5c5da22b1c6cf72d7a8a287ef2c48f88e3ac937424cf3c6df762bd8e462
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 58F09676B40204FBDB10CF55ED05F9EB7ACEB95750F11403AEE05F7140E6B099548768
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004015C6 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 65COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 586 4015c6-4015da call 402dab call 405e9b 591 401636-401639 586->591 592 4015dc-4015ef call 405e1d 586->592 594 401668-4022fb call 401423 591->594 595 40163b-40165a call 401423 call 406521 SetCurrentDirectoryW 591->595 601 4015f1-4015f4 592->601 602 401609-40160c call 405acf 592->602 609 402c2f-402c3e 594->609 595->609 612 401660-401663 595->612 601->602 603 4015f6-4015fd call 405aec 601->603 610 401611-401613 602->610 603->602 616 4015ff-401602 call 405a75 603->616 614 401615-40161a 610->614 615 40162c-401634 610->615 612->609 618 401629 614->618 619 40161c-401627 GetFileAttributesW 614->619 615->591 615->592 621 401607 616->621 618->615 619->615 619->618 621->610
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405E9B: CharNextW.USER32(?,?,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,?,00405F0F,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,771B3420,?,C:\Users\user~1\AppData\Local\Temp\,00405C4D,?,771B3420,C:\Users\user~1\AppData\Local\Temp\,"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe"), ref: 00405EA9
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405E9B: CharNextW.USER32(00000000), ref: 00405EAE
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405E9B: CharNextW.USER32(00000000), ref: 00405EC6
                                                                                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNELBASE(?,?,00000000,0000005C,00000000,000000F0), ref: 0040161F
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405A75: CreateDirectoryW.KERNELBASE(0042C800,?), ref: 00405AB7
                                                                                                                                                                                                                                                                                                                                    • SetCurrentDirectoryW.KERNELBASE(?,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,?,00000000,000000F0), ref: 00401652
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp, xrefs: 00401645
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CharNext$Directory$AttributesCreateCurrentFile
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1892508949-1653284194
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: dfbef134f4d070f8c301a68e504dcc26ca0c060d8320e506d1b237f0a1d23dcb
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: ceaefb5432ba9a2b041ab88b04bec91c1a8495824eafa6d8534a6d53eb807851
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: dfbef134f4d070f8c301a68e504dcc26ca0c060d8320e506d1b237f0a1d23dcb
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 2D11D031504604ABCF206FA5CD4099F36B0EF04368B29493FE941B22E1DA3E4E819E8E
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00407074 Relevance: 5.2, APIs: 4, Instructions: 236COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 622 407074-40707a 623 40707c-40707e 622->623 624 40707f-40709d 622->624 623->624 625 407370-40737d 624->625 626 4072ab-4072c0 624->626 629 4073a7-4073ab 625->629 627 4072c2-4072d8 626->627 628 4072da-4072f0 626->628 632 4072f3-4072fa 627->632 628->632 630 40740b-40741e 629->630 631 4073ad-4073ce 629->631 635 407327-40732d 630->635 633 4073d0-4073e5 631->633 634 4073e7-4073fa 631->634 636 407321 632->636 637 4072fc-407300 632->637 639 4073fd-407404 633->639 634->639 642 406ad2 635->642 643 4074da 635->643 636->635 640 407306-40731e 637->640 641 4074af-4074b9 637->641 644 4073a4 639->644 645 407406 639->645 640->636 646 4074c5-4074d8 641->646 647 406ad9-406add 642->647 648 406c19-406c3a 642->648 649 406b7e-406b82 642->649 650 406bee-406bf2 642->650 651 4074dd-4074e1 643->651 644->629 653 407389-4073a1 645->653 654 4074bb 645->654 646->651 647->646 655 406ae3-406af0 647->655 648->626 658 406b88-406ba1 649->658 659 40742e-407438 649->659 656 406bf8-406c0c 650->656 657 40743d-407447 650->657 653->644 654->646 655->643 660 406af6-406b3c 655->660 661 406c0f-406c17 656->661 657->646 662 406ba4-406ba8 658->662 659->646 663 406b64-406b66 660->663 664 406b3e-406b42 660->664 661->648 661->650 662->649 665 406baa-406bb0 662->665 670 406b74-406b7c 663->670 671 406b68-406b72 663->671 668 406b44-406b47 GlobalFree 664->668 669 406b4d-406b5b GlobalAlloc 664->669 666 406bb2-406bb9 665->666 667 406bda-406bec 665->667 672 406bc4-406bd4 GlobalAlloc 666->672 673 406bbb-406bbe GlobalFree 666->673 667->661 668->669 669->643 674 406b61 669->674 670->662 671->670 671->671 672->643 672->667 673->672 674->663
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: aff26f2f30a057b7958a1e63094fc459aa306f2dc33e22a09454c964c074026f
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 2d246cc9a99bab59b70d05231fecbcf7b107c6ac3beee636f2a296df3f85dc82
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: aff26f2f30a057b7958a1e63094fc459aa306f2dc33e22a09454c964c074026f
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 7DA14571E04228DBDF28CFA8C8546ADBBB1FF44305F10816AD856BB281D7786986DF45
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00407275 Relevance: 5.2, APIs: 4, Instructions: 208COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 675 407275-407279 676 40729b-4072a8 675->676 677 40727b-40737d 675->677 679 4072ab-4072c0 676->679 687 4073a7-4073ab 677->687 681 4072c2-4072d8 679->681 682 4072da-4072f0 679->682 684 4072f3-4072fa 681->684 682->684 685 407321 684->685 686 4072fc-407300 684->686 688 407327-40732d 685->688 691 407306-40731e 686->691 692 4074af-4074b9 686->692 689 40740b-40741e 687->689 690 4073ad-4073ce 687->690 697 406ad2 688->697 698 4074da 688->698 689->688 694 4073d0-4073e5 690->694 695 4073e7-4073fa 690->695 691->685 696 4074c5-4074d8 692->696 700 4073fd-407404 694->700 695->700 699 4074dd-4074e1 696->699 701 406ad9-406add 697->701 702 406c19-406c3a 697->702 703 406b7e-406b82 697->703 704 406bee-406bf2 697->704 698->699 705 4073a4 700->705 706 407406 700->706 701->696 707 406ae3-406af0 701->707 702->679 711 406b88-406ba1 703->711 712 40742e-407438 703->712 708 406bf8-406c0c 704->708 709 40743d-407447 704->709 705->687 713 407389-4073a1 706->713 714 4074bb 706->714 707->698 715 406af6-406b3c 707->715 716 406c0f-406c17 708->716 709->696 717 406ba4-406ba8 711->717 712->696 713->705 714->696 718 406b64-406b66 715->718 719 406b3e-406b42 715->719 716->702 716->704 717->703 720 406baa-406bb0 717->720 725 406b74-406b7c 718->725 726 406b68-406b72 718->726 723 406b44-406b47 GlobalFree 719->723 724 406b4d-406b5b GlobalAlloc 719->724 721 406bb2-406bb9 720->721 722 406bda-406bec 720->722 727 406bc4-406bd4 GlobalAlloc 721->727 728 406bbb-406bbe GlobalFree 721->728 722->716 723->724 724->698 729 406b61 724->729 725->717 726->725 726->726 727->698 727->722 728->727 729->718
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 3ac8a4bfdb441625c816955e49305bbe8ba575533dfee591c2cbe8a61bd4ebd3
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 7b0bebd33542e08950ef610181a47380a5391ae5859bceecccad38cd1577eaed
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 3ac8a4bfdb441625c816955e49305bbe8ba575533dfee591c2cbe8a61bd4ebd3
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 90911370E04228CBDF28CF98C854BADBBB1FF44305F14816AD856BB291D778A986DF45
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406F8B Relevance: 5.2, APIs: 4, Instructions: 205COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 730 406f8b-406f8f 731 406f95-406f99 730->731 732 407046-407058 730->732 733 4074da 731->733 734 406f9f-406fb3 731->734 741 4072ab-4072c0 732->741 737 4074dd-4074e1 733->737 735 407479-407483 734->735 736 406fb9-406fc2 734->736 742 4074c5-4074d8 735->742 739 406fc4 736->739 740 406fc7-406ff7 736->740 739->740 740->741 746 406ac3-406acc 740->746 744 4072c2-4072d8 741->744 745 4072da-4072f0 741->745 742->737 747 4072f3-4072fa 744->747 745->747 746->733 748 406ad2 746->748 749 407321-40732d 747->749 750 4072fc-407300 747->750 752 406ad9-406add 748->752 753 406c19-406c3a 748->753 754 406b7e-406b82 748->754 755 406bee-406bf2 748->755 749->746 756 407306-40731e 750->756 757 4074af-4074b9 750->757 752->742 758 406ae3-406af0 752->758 753->741 761 406b88-406ba1 754->761 762 40742e-407438 754->762 759 406bf8-406c0c 755->759 760 40743d-407447 755->760 756->749 757->742 758->733 763 406af6-406b3c 758->763 764 406c0f-406c17 759->764 760->742 765 406ba4-406ba8 761->765 762->742 766 406b64-406b66 763->766 767 406b3e-406b42 763->767 764->753 764->755 765->754 768 406baa-406bb0 765->768 773 406b74-406b7c 766->773 774 406b68-406b72 766->774 771 406b44-406b47 GlobalFree 767->771 772 406b4d-406b5b GlobalAlloc 767->772 769 406bb2-406bb9 768->769 770 406bda-406bec 768->770 775 406bc4-406bd4 GlobalAlloc 769->775 776 406bbb-406bbe GlobalFree 769->776 770->764 771->772 772->733 777 406b61 772->777 773->765 774->773 774->774 775->733 775->770 776->775 777->766
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 4946c792fe510ceb6f898f1d350858136886e798b9c642bfd65d449563e2a9d8
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: bb56daa647bdc5b8eebe4baaa8fd529e9884befb34821132b6d53cadc5dab3c5
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 4946c792fe510ceb6f898f1d350858136886e798b9c642bfd65d449563e2a9d8
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 84814571E04228DBDF24CFA8C844BADBBB1FF44305F24816AD456BB281D778A986DF05
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406A90 Relevance: 5.2, APIs: 4, Instructions: 198COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 778 406a90-406ab3 779 406ab5-406ab8 778->779 780 406abd-406ac0 778->780 781 4074dd-4074e1 779->781 782 406ac3-406acc 780->782 783 406ad2 782->783 784 4074da 782->784 785 406ad9-406add 783->785 786 406c19-4072c0 783->786 787 406b7e-406b82 783->787 788 406bee-406bf2 783->788 784->781 789 406ae3-406af0 785->789 790 4074c5-4074d8 785->790 798 4072c2-4072d8 786->798 799 4072da-4072f0 786->799 794 406b88-406ba1 787->794 795 40742e-407438 787->795 791 406bf8-406c0c 788->791 792 40743d-407447 788->792 789->784 796 406af6-406b3c 789->796 790->781 797 406c0f-406c17 791->797 792->790 800 406ba4-406ba8 794->800 795->790 801 406b64-406b66 796->801 802 406b3e-406b42 796->802 797->786 797->788 803 4072f3-4072fa 798->803 799->803 800->787 804 406baa-406bb0 800->804 809 406b74-406b7c 801->809 810 406b68-406b72 801->810 807 406b44-406b47 GlobalFree 802->807 808 406b4d-406b5b GlobalAlloc 802->808 811 407321-40732d 803->811 812 4072fc-407300 803->812 805 406bb2-406bb9 804->805 806 406bda-406bec 804->806 813 406bc4-406bd4 GlobalAlloc 805->813 814 406bbb-406bbe GlobalFree 805->814 806->797 807->808 808->784 816 406b61 808->816 809->800 810->809 810->810 811->782 817 407306-40731e 812->817 818 4074af-4074b9 812->818 813->784 813->806 814->813 816->801 817->811 818->790
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 40acfd0569c51a0ed8326a41ceea3e1cadcd4e5eff2ca22ce679809f46488b45
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 4c059968f2e2b24eb1e5e0c9ef09b3253d11b2009d36a285a9eb138ea7c1b005
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 40acfd0569c51a0ed8326a41ceea3e1cadcd4e5eff2ca22ce679809f46488b45
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5B815971E04228DBDF24CFA8C8447ADBBB0FF44305F20816AD456BB281D7786986DF45
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406EDE Relevance: 5.2, APIs: 4, Instructions: 180COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 7ecfdc6a50dff7d8916ace13d1bdc0889b51af96eca2ccc09b1dd9eb10df24f6
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: d60cf97a253a7e6a69b3ee1887f4eadeccf904993e12f72ad3f9abe973951288
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 7ecfdc6a50dff7d8916ace13d1bdc0889b51af96eca2ccc09b1dd9eb10df24f6
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: A1711371E04228DBDF24CFA8C844BADBBB1FF44305F15806AD856BB281D778A986DF45
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406FFC Relevance: 5.2, APIs: 4, Instructions: 170COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: c11de4171378e898cf9dd0cf6cc2122b5d0c7e9a287f85b53884598f27a71e29
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 85b777fa610547d2183482adb232412925907ddbdaa1129d6a49a25a13354a82
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c11de4171378e898cf9dd0cf6cc2122b5d0c7e9a287f85b53884598f27a71e29
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 9D714671E04228DBDF28CF98C844BADBBB1FF44305F14816AD856BB281D778A986DF45
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406F48 Relevance: 5.2, APIs: 4, Instructions: 168COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: f1fa58480ac5da56fa6cc6281bf6ff7b0f773126a89d504887f275dca7af18c3
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 068c41ea6699cb9b24c5d93e390f6e15a746ef4a0ce6273c00671ddd4a3661d6
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: f1fa58480ac5da56fa6cc6281bf6ff7b0f773126a89d504887f275dca7af18c3
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: E0715771E04228DBDF24CF98C844BADBBB1FF44305F15806AD856BB281C778AA86DF45
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401BA0 Relevance: 4.6, APIs: 2, Strings: 1, Instructions: 72memoryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GlobalFree.KERNEL32(006EFCD8), ref: 00401C10
                                                                                                                                                                                                                                                                                                                                    • GlobalAlloc.KERNELBASE(00000040,00000804), ref: 00401C22
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Global$AllocFree
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3394109436-748030194
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 912042247f91428da489115643b6de71280009c4a347fbe359cf9eb4d516dc52
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 4f57f46d507340bd06d3479355973fa93edc06c360faa14cbfff374a5dc28ea7
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 912042247f91428da489115643b6de71280009c4a347fbe359cf9eb4d516dc52
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5721F673904214EBDB30AFA8DE85A5F72B4AB08324714053FF642B32C4C6B8DC418B9D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040252F Relevance: 3.1, APIs: 2, Instructions: 56registryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • RegQueryValueExW.KERNELBASE(00000000,00000000,?,?,?,?,?,?,?,?,00000033), ref: 00402560
                                                                                                                                                                                                                                                                                                                                    • RegCloseKey.ADVAPI32(?,?,?,$VersionToInstall,00000000,00000011,00000002), ref: 00402602
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CloseQueryValue
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3356406503-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: f9b5b70eb5f8eb92ec57ded847e112811e229396ee3b7d9d1295a2e9ebcd785a
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: b0e4e1b430255f92fa12a8c2637aeeefdc8d450e0dea4cce8f1fdd2cec8de2f5
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: f9b5b70eb5f8eb92ec57ded847e112811e229396ee3b7d9d1295a2e9ebcd785a
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 61116A71900219EBDF14DFA0DA989AEB7B4BF04349F20447FE406B62C0D7B84A45EB5E
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401389 Relevance: 3.0, APIs: 2, Instructions: 43windowCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • MulDiv.KERNEL32(00007530,00000000,00000000), ref: 004013E4
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(0040A2D8,00000402,00000000), ref: 004013F4
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3850602802-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 24120cd7971efbcf380a3cfcf85aef56aa5faf56da28ec4d1ccb8bb0957475b6
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 2b867b2a322a557ec20ecaa395e060e0be7e2a6973b32d365fcb6e947ad1390c
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 24120cd7971efbcf380a3cfcf85aef56aa5faf56da28ec4d1ccb8bb0957475b6
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 9E01F4327242209BE7195B389D05B6B3798E710314F10863FF855F66F1DA78CC429B4C
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405A75 Relevance: 3.0, APIs: 2, Instructions: 26COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CreateDirectoryW.KERNELBASE(0042C800,?), ref: 00405AB7
                                                                                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00405AC5
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CreateDirectoryErrorLast
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1375471231-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 93d1f65b513afb97053b6d969de6af344d99c991354c8e43ed6bd2c6eb9068ab
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 25953aab165e2e3bb2b5eb59dc1d6ee29197e23c9d0e5a802ce790cbbbfebc39
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 93d1f65b513afb97053b6d969de6af344d99c991354c8e43ed6bd2c6eb9068ab
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 33F0F4B1D1060EDADB00DFA4C6497EFBBB4AB04309F04812AD941B6281D7B982488FA9
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405B04 Relevance: 3.0, APIs: 2, Instructions: 24processCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CreateProcessW.KERNELBASE(00000000,0042C800,00000000,00000000,00000000,04000000,00000000,00000000,00425F10,?,?,?,0042C800,?), ref: 00405B2D
                                                                                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,0042C800,?), ref: 00405B3A
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CloseCreateHandleProcess
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3712363035-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: ab728716b39bc4ae5022fc4c28ab15e9e5542c8e0cf41f1555c5a84b4fa30c9d
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: ee07c3f2d7011aacc779afc4df031ab31c5939bdda65a61cc684f2ad200dc2b8
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: ab728716b39bc4ae5022fc4c28ab15e9e5542c8e0cf41f1555c5a84b4fa30c9d
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 7FE0BFB4610219BFFB10AB64ED05F7B77BCF704604F418825BD10F2551E774A9148A78
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406915 Relevance: 3.0, APIs: 2, Instructions: 22libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetModuleHandleA.KERNEL32(?,00000020,?,0040360C,0000000C,?,?,?,?,?,?,?,?), ref: 00406927
                                                                                                                                                                                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,?), ref: 00406942
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004068A5: GetSystemDirectoryW.KERNEL32(?,00000104), ref: 004068BC
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004068A5: wsprintfW.USER32 ref: 004068F7
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004068A5: LoadLibraryExW.KERNELBASE(?,00000000,00000008), ref: 0040690B
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: AddressDirectoryHandleLibraryLoadModuleProcSystemwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2547128583-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 38b25401b771ecf209a524bd0999a173af8b0ad39984603ae0a2953bb283c85e
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 5852e889d14e736f2df1098d3b7202b06462132acdc852f75f804bf3a6ff6809
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 38b25401b771ecf209a524bd0999a173af8b0ad39984603ae0a2953bb283c85e
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: FCE08673604310EBD61056755D04D2773A8AF95A50302483EFD46F2144D738DC32A66A
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406011 Relevance: 3.0, APIs: 2, Instructions: 16fileCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNELBASE(00000003,004030C2,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe,80000000,00000003), ref: 00406015
                                                                                                                                                                                                                                                                                                                                    • CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000), ref: 00406037
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: File$AttributesCreate
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 415043291-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 6be4d53c09d0ea7202590e2ef391dde9d68f005235e9a58d36352f422cb06a2c
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 9d50a09f5748d4f60ef03139cc16a9656d1073ae209d3065c053d14625e31d4c
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6be4d53c09d0ea7202590e2ef391dde9d68f005235e9a58d36352f422cb06a2c
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 87D09E31654301AFEF098F20DE16F2EBAA2EB84B00F11552CB682941E0DA715819DB15
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405FEC Relevance: 3.0, APIs: 2, Instructions: 13COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNELBASE(?,?,00405BF1,?,?,00000000,00405DC7,?,?,?,?), ref: 00405FF1
                                                                                                                                                                                                                                                                                                                                    • SetFileAttributesW.KERNEL32(?,00000000), ref: 00406005
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: AttributesFile
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3188754299-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: bc30e5c928ed30f9cb3e730bb3a024ff28878b527ec9bdb2640fa07c227b463d
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 701c1f243114c6c95f20a1fe0a395a260d282ed21d39929bf23a1ad3933a3a4e
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: bc30e5c928ed30f9cb3e730bb3a024ff28878b527ec9bdb2640fa07c227b463d
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: E9D0C972504220AFD2102728AE0889BBB55DB54271B028A35F8A9A22B0CB314C668694
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405ACF Relevance: 3.0, APIs: 2, Instructions: 9COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CreateDirectoryW.KERNELBASE(?,00000000,004034EF,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,004037E6,?,00000008,0000000A,0000000C), ref: 00405AD5
                                                                                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00405AE3
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CreateDirectoryErrorLast
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1375471231-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 7ce514c051633c67dabed91c1ba2c830ad6f4192d7236d4c27a26ed09d9cb01d
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: c141ebc68f4164d0a3663fa1b1ea49181af819f28e12deb644bc081b11005b13
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 7ce514c051633c67dabed91c1ba2c830ad6f4192d7236d4c27a26ed09d9cb01d
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5DC08C30300A02DACF000B218F087073950AB00380F19483AA582E00A0CA308044CD2D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004060C3 Relevance: 1.5, APIs: 1, Instructions: 22fileCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • WriteFile.KERNELBASE(00000000,00000000,00000004,00000004,00000000,?,?,0040347F,00000000,00414EC0,?,00414EC0,?,000000FF,00000004,00000000), ref: 004060D7
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: FileWrite
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3934441357-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 4494c28c6fc58b77f7b94402ffbb10e79d92760fb9961e7d9dbcb201027e3d13
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: de33e43015841e90b47a85578f5cc3acb86098a1fa118a6604a55d69533944a7
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 4494c28c6fc58b77f7b94402ffbb10e79d92760fb9961e7d9dbcb201027e3d13
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 41E08C3224022AABCF109E508D00EEB3B6CEB003A0F018433FD26E2090D630E83197A4
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406094 Relevance: 1.5, APIs: 1, Instructions: 22fileCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • ReadFile.KERNELBASE(00000000,00000000,00000004,00000004,00000000,000000FF,?,004034B1,00000000,00000000,00403308,000000FF,00000004,00000000,00000000,00000000), ref: 004060A8
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: FileRead
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2738559852-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 076a4193e787d8b2f8fcded04b516b0b1a94860d7d4352c54bed072072f3bbd3
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: fd87eb1c4e4509ee71b5dc1f82ee1534a3bbef2287d177a98c1a1ef8e7fccbc0
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 076a4193e787d8b2f8fcded04b516b0b1a94860d7d4352c54bed072072f3bbd3
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 11E08C3229021AEBDF119E50CC00AEB7BACEB043A0F018436FD22E3180D671E83187A9
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040638E Relevance: 1.5, APIs: 1, Instructions: 19registryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • RegOpenKeyExW.KERNELBASE(00000000,00421EE8,00000000,00000000,?,?,00000000,?,0040641C,?,00421EE8,?,?,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=,?,00000000), ref: 004063B2
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Open
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 71445658-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 8ee5b0d2344bda13eae74e7442d869633e0228d129a7f9cdea9876c3f2a2c01f
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 99177681843bc7d8b33aa39255ce29306f0e35401c43de39655aaedf71f86506
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8ee5b0d2344bda13eae74e7442d869633e0228d129a7f9cdea9876c3f2a2c01f
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DAD0173204020DBBDF119E90ED01FAB3B6DAB08350F014826FE06A40A0D776D534ABA8
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004034B4 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SetFilePointer.KERNELBASE(00000000,00000000,00000000,00403247,?), ref: 004034C2
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: FilePointer
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 973152223-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 9851be0de28bb9513f6e500a0df6ea838ed72b99fd7baa621d8f85bec57c8f40
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 1f5c7ae16c2334422adcad36111bde95194575cbdac9b1f52e29a9f6e91cc98e
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 9851be0de28bb9513f6e500a0df6ea838ed72b99fd7baa621d8f85bec57c8f40
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 34B01271240300BFDA214F00DF09F057B21ABA0700F10C034B388380F086711035EB0D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401FA9 Relevance: 1.3, APIs: 1, Instructions: 37COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004055A6: lstrlenW.KERNEL32(00421EE8,00000000,006E2E52,00000000,?,?,?,?,?,?,?,?,?,004033F2,00000000,?), ref: 004055DE
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004055A6: lstrlenW.KERNEL32(004033F2,00421EE8,00000000,006E2E52,00000000,?,?,?,?,?,?,?,?,?,004033F2,00000000), ref: 004055EE
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004055A6: lstrcatW.KERNEL32(00421EE8,004033F2), ref: 00405601
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004055A6: SetWindowTextW.USER32(00421EE8,00421EE8), ref: 00405613
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004055A6: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405639
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004055A6: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 00405653
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004055A6: SendMessageW.USER32(?,00001013,?,00000000), ref: 00405661
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405B04: CreateProcessW.KERNELBASE(00000000,0042C800,00000000,00000000,00000000,04000000,00000000,00000000,00425F10,?,?,?,0042C800,?), ref: 00405B2D
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405B04: CloseHandle.KERNEL32(?,?,?,0042C800,?), ref: 00405B3A
                                                                                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,?,?,?), ref: 00401FF0
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004069C0: WaitForSingleObject.KERNEL32(?,00000064), ref: 004069D1
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004069C0: GetExitCodeProcess.KERNEL32(?,?), ref: 004069F3
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406468: wsprintfW.USER32 ref: 00406475
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend$CloseHandleProcesslstrlen$CodeCreateExitObjectSingleTextWaitWindowlstrcatwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2972824698-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 4af19e8990f14249d37718fe1ee1663bb12bcb7082944af9f650a7a100cf57c9
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: fabaa3b6efc7a57357b2805df35000a41c8f44054e7a675a900f3985a4c8ce8a
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 4af19e8990f14249d37718fe1ee1663bb12bcb7082944af9f650a7a100cf57c9
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: E8F06772905125ABDB20BBA599849DE72B59B00328B25413FE102B22E1C77C4E469AAE
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                                                                                                                                                                                    Function 004056E5 Relevance: 65.0, APIs: 36, Strings: 1, Instructions: 284windowclipboardmemoryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,00000403), ref: 00405743
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003EE), ref: 00405752
                                                                                                                                                                                                                                                                                                                                    • GetClientRect.USER32(?,?), ref: 0040578F
                                                                                                                                                                                                                                                                                                                                    • GetSystemMetrics.USER32(00000002), ref: 00405796
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001061,00000000,?), ref: 004057B7
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001036,00004000,00004000), ref: 004057C8
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001001,00000000,00000110), ref: 004057DB
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001026,00000000,00000110), ref: 004057E9
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001024,00000000,?), ref: 004057FC
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(00000000,?,0000001B,000000FF), ref: 0040581E
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(?,00000008), ref: 00405832
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003EC), ref: 00405853
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00000401,00000000,75300000), ref: 00405863
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00000409,00000000,?), ref: 0040587C
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00002001,00000000,00000110), ref: 00405888
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003F8), ref: 00405761
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004044D5: SendMessageW.USER32(00000028,?,00000001,00404300), ref: 004044E3
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003EC), ref: 004058A5
                                                                                                                                                                                                                                                                                                                                    • CreateThread.KERNEL32(00000000,00000000,Function_00005679,00000000), ref: 004058B3
                                                                                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000), ref: 004058BA
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(00000000), ref: 004058DE
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(?,00000008), ref: 004058E3
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(00000008), ref: 0040592D
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405961
                                                                                                                                                                                                                                                                                                                                    • CreatePopupMenu.USER32 ref: 00405972
                                                                                                                                                                                                                                                                                                                                    • AppendMenuW.USER32(00000000,00000000,00000001,00000000), ref: 00405986
                                                                                                                                                                                                                                                                                                                                    • GetWindowRect.USER32(?,?), ref: 004059A6
                                                                                                                                                                                                                                                                                                                                    • TrackPopupMenu.USER32(00000000,00000180,?,?,00000000,?,00000000), ref: 004059BF
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001073,00000000,?), ref: 004059F7
                                                                                                                                                                                                                                                                                                                                    • OpenClipboard.USER32(00000000), ref: 00405A07
                                                                                                                                                                                                                                                                                                                                    • EmptyClipboard.USER32 ref: 00405A0D
                                                                                                                                                                                                                                                                                                                                    • GlobalAlloc.KERNEL32(00000042,00000000), ref: 00405A19
                                                                                                                                                                                                                                                                                                                                    • GlobalLock.KERNEL32(00000000), ref: 00405A23
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001073,00000000,?), ref: 00405A37
                                                                                                                                                                                                                                                                                                                                    • GlobalUnlock.KERNEL32(00000000), ref: 00405A57
                                                                                                                                                                                                                                                                                                                                    • SetClipboardData.USER32(0000000D,00000000), ref: 00405A62
                                                                                                                                                                                                                                                                                                                                    • CloseClipboard.USER32 ref: 00405A68
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend$Window$ItemShow$Clipboard$GlobalMenu$CloseCreatePopupRect$AllocAppendClientDataEmptyHandleLockMetricsOpenSystemThreadTrackUnlock
                                                                                                                                                                                                                                                                                                                                    • String ID: {
                                                                                                                                                                                                                                                                                                                                    • API String ID: 590372296-366298937
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: b00847ff47827a43b93895459648fd8745bc42cf01a25ae6d3cf6e6dbf784441
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: bfdbfabbc3eccdd340dcac883e36f8678c6b127a6a9b52dc92d7db9eae4071ee
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b00847ff47827a43b93895459648fd8745bc42cf01a25ae6d3cf6e6dbf784441
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: FBB127B1900618FFDB11AF60DD89AAE7B79FB44354F00813AFA41B61A0CB754A92DF58
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00404991 Relevance: 21.3, APIs: 10, Strings: 2, Instructions: 275stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003FB), ref: 004049E0
                                                                                                                                                                                                                                                                                                                                    • SetWindowTextW.USER32(00000000,?), ref: 00404A0A
                                                                                                                                                                                                                                                                                                                                    • SHBrowseForFolderW.SHELL32(?), ref: 00404ABB
                                                                                                                                                                                                                                                                                                                                    • CoTaskMemFree.OLE32(00000000), ref: 00404AC6
                                                                                                                                                                                                                                                                                                                                    • lstrcmpiW.KERNEL32("C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=,00422F08,00000000,?,?), ref: 00404AF8
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(?,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=), ref: 00404B04
                                                                                                                                                                                                                                                                                                                                    • SetDlgItemTextW.USER32(?,000003FB,?), ref: 00404B16
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405B65: GetDlgItemTextW.USER32(?,?,00000400,00404B4D), ref: 00405B78
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004067CF: CharNextW.USER32(?,*?|<>/":,00000000,"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe",771B3420,C:\Users\user~1\AppData\Local\Temp\,00000000,004034D7,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,004037E6,?,00000008,0000000A,0000000C), ref: 00406832
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004067CF: CharNextW.USER32(?,?,?,00000000,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00406841
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004067CF: CharNextW.USER32(?,"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe",771B3420,C:\Users\user~1\AppData\Local\Temp\,00000000,004034D7,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,004037E6,?,00000008,0000000A,0000000C), ref: 00406846
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004067CF: CharPrevW.USER32(?,?,771B3420,C:\Users\user~1\AppData\Local\Temp\,00000000,004034D7,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,004037E6,?,00000008,0000000A,0000000C), ref: 00406859
                                                                                                                                                                                                                                                                                                                                    • GetDiskFreeSpaceW.KERNEL32(00420ED8,?,?,0000040F,?,00420ED8,00420ED8,?,00000001,00420ED8,?,?,000003FB,?), ref: 00404BD9
                                                                                                                                                                                                                                                                                                                                    • MulDiv.KERNEL32(?,0000040F,00000400), ref: 00404BF4
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00404D4D: lstrlenW.KERNEL32(00422F08,00422F08,?,%u.%u%s%s,00000005,00000000,00000000,?,000000DC,00000000,?,000000DF,00000000,00000400,?), ref: 00404DEE
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00404D4D: wsprintfW.USER32 ref: 00404DF7
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00404D4D: SetDlgItemTextW.USER32(?,00422F08), ref: 00404E0A
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CharItemText$Next$Free$BrowseDiskFolderPrevSpaceTaskWindowlstrcatlstrcmpilstrlenwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=$A
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2624150263-2579211716
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 2c04f043fab078114f436bc2b0f460e04cb31fe4a389aa85165ae8fc382e2e95
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 030197d704291a410dcd06cfc4277a043b64cd4f667f0077e3e502e998d69d3f
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2c04f043fab078114f436bc2b0f460e04cb31fe4a389aa85165ae8fc382e2e95
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: CBA1A0B1900208ABDB11AFA5DD45AAF77B8EF84314F11803BF611B62D1D77C9A418B6D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004021AF Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 129comCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CoCreateInstance.OLE32(004084DC,?,00000001,004084CC,?,?,00000045,000000CD,00000002,000000DF,000000F0), ref: 0040222E
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp, xrefs: 0040226E
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CreateInstance
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp
                                                                                                                                                                                                                                                                                                                                    • API String ID: 542301482-1653284194
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 7a611acba93cc511974fc4040de844b48ef8661c34823a59af3155f17f6da3ff
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 8307c529eb9feefa1617cd4f78f27985085e4fae61a1ffd37fb0b3adda41be3b
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 7a611acba93cc511974fc4040de844b48ef8661c34823a59af3155f17f6da3ff
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 00410575A00209AFCB40DFE4C989EAD7BB5FF48308B20456EF505EB2D1DB799982CB54
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00402910 Relevance: 1.5, APIs: 1, Instructions: 30fileCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • FindFirstFileW.KERNEL32(00000000,?,00000002), ref: 0040291F
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: FileFindFirst
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1974802433-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 37f2b48b27080797d787e445f9566862dc494f0e442a3a5c817077e9e4d44de1
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: a06f58704ac02dcae893024ea8a23b5ac4ca5f5a8623c8e138aed3c50dac2e18
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 37f2b48b27080797d787e445f9566862dc494f0e442a3a5c817077e9e4d44de1
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 44F05E71A04104AAD711EBE4E9499AEB378EF14314F60057BE101F21D0DBB84D019B2A
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00404F0D Relevance: 63.5, APIs: 33, Strings: 3, Instructions: 489windowmemoryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003F9), ref: 00404F25
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,00000408), ref: 00404F30
                                                                                                                                                                                                                                                                                                                                    • GlobalAlloc.KERNEL32(00000040,?), ref: 00404F7A
                                                                                                                                                                                                                                                                                                                                    • LoadImageW.USER32(0000006E,00000000,00000000,00000000,00000000), ref: 00404F91
                                                                                                                                                                                                                                                                                                                                    • SetWindowLongW.USER32(?,000000FC,0040551A), ref: 00404FAA
                                                                                                                                                                                                                                                                                                                                    • ImageList_Create.COMCTL32(00000010,00000010,00000021,00000006,00000000), ref: 00404FBE
                                                                                                                                                                                                                                                                                                                                    • ImageList_AddMasked.COMCTL32(00000000,00000000,00FF00FF), ref: 00404FD0
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001109,00000002), ref: 00404FE6
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000111C,00000000,00000000), ref: 00404FF2
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000111B,00000010,00000000), ref: 00405004
                                                                                                                                                                                                                                                                                                                                    • DeleteObject.GDI32(00000000), ref: 00405007
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000143,00000000,00000000), ref: 00405032
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000151,00000000,00000000), ref: 0040503E
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001132,00000000,?), ref: 004050D9
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000110A,00000003,00000110), ref: 00405109
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004044D5: SendMessageW.USER32(00000028,?,00000001,00404300), ref: 004044E3
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001132,00000000,?), ref: 0040511D
                                                                                                                                                                                                                                                                                                                                    • GetWindowLongW.USER32(?,000000F0), ref: 0040514B
                                                                                                                                                                                                                                                                                                                                    • SetWindowLongW.USER32(?,000000F0,00000000), ref: 00405159
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(?,00000005), ref: 00405169
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000419,00000000,?), ref: 00405264
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000147,00000000,00000000), ref: 004052C9
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000150,00000000,00000000), ref: 004052DE
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000420,00000000,00000020), ref: 00405302
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000200,00000000,00000000), ref: 00405322
                                                                                                                                                                                                                                                                                                                                    • ImageList_Destroy.COMCTL32(?), ref: 00405337
                                                                                                                                                                                                                                                                                                                                    • GlobalFree.KERNEL32(?), ref: 00405347
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000014E,00000000,00000000), ref: 004053C0
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001102,?,?), ref: 00405469
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000113F,00000000,00000008), ref: 00405478
                                                                                                                                                                                                                                                                                                                                    • InvalidateRect.USER32(?,00000000,00000001), ref: 004054A3
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(?,00000000), ref: 004054F1
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003FE), ref: 004054FC
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(00000000), ref: 00405503
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend$Window$Image$ItemList_LongShow$Global$AllocCreateDeleteDestroyFreeInvalidateLoadMaskedObjectRect
                                                                                                                                                                                                                                                                                                                                    • String ID: $M$N
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2564846305-813528018
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 963d0e2195837636cb6f5b073c234fd9fc9862b141633064f8114fc5dd327728
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 467e9106b9ab4b1e9b2d04e68362d71007c986f05034cc4a0cb7dcf353c6e141
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 963d0e2195837636cb6f5b073c234fd9fc9862b141633064f8114fc5dd327728
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 16029B70A00609EFDB20DF95DD45AAF7BB5FB44314F10817AE610BA2E1D7B98A42CF58
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00403FA1 Relevance: 51.4, APIs: 34, Instructions: 357windowstringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000013), ref: 00403FDD
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(?), ref: 00403FFD
                                                                                                                                                                                                                                                                                                                                    • GetWindowLongW.USER32(?,000000F0), ref: 0040400F
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(?,00000004), ref: 00404028
                                                                                                                                                                                                                                                                                                                                    • DestroyWindow.USER32 ref: 0040403C
                                                                                                                                                                                                                                                                                                                                    • SetWindowLongW.USER32(?,00000000,00000000), ref: 00404055
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,?), ref: 00404074
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,000000F3,00000000,00000000), ref: 00404088
                                                                                                                                                                                                                                                                                                                                    • IsWindowEnabled.USER32(00000000), ref: 0040408F
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,00000001), ref: 0040413A
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,00000002), ref: 00404144
                                                                                                                                                                                                                                                                                                                                    • SetClassLongW.USER32(?,000000F2,?), ref: 0040415E
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(0000040F,00000000,00000001,?), ref: 004041AF
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,00000003), ref: 00404255
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(00000000,?), ref: 00404276
                                                                                                                                                                                                                                                                                                                                    • EnableWindow.USER32(?,?), ref: 00404288
                                                                                                                                                                                                                                                                                                                                    • EnableWindow.USER32(?,?), ref: 004042A3
                                                                                                                                                                                                                                                                                                                                    • GetSystemMenu.USER32(?,00000000,0000F060,00000001), ref: 004042B9
                                                                                                                                                                                                                                                                                                                                    • EnableMenuItem.USER32(00000000), ref: 004042C0
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,000000F4,00000000,00000001), ref: 004042D8
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000401,00000002,00000000), ref: 004042EB
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(00422F08,?,00422F08,00000000), ref: 00404315
                                                                                                                                                                                                                                                                                                                                    • SetWindowTextW.USER32(?,00422F08), ref: 00404329
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(?,0000000A), ref: 0040445D
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Window$Item$MessageSendShow$EnableLong$Menu$ClassDestroyEnabledSystemTextlstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1860320154-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: f0b43cd8e7f2e41f431c118fff2888e9d111a3339ebed408ace792690fb64996
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 6cd4652e30ec862c23bd12a6162173760bab2c1fa5186c41ecc3a298f9dddab8
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: f0b43cd8e7f2e41f431c118fff2888e9d111a3339ebed408ace792690fb64996
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 7FC1C0B1600204ABDB216F21EE49E2B3A69FB94709F41053EF751B51F0CB795882DB2E
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040465F Relevance: 37.0, APIs: 19, Strings: 2, Instructions: 204windowstringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CheckDlgButton.USER32(?,-0000040A,00000001), ref: 004046FD
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003E8), ref: 00404711
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,0000045B,00000001,00000000), ref: 0040472E
                                                                                                                                                                                                                                                                                                                                    • GetSysColor.USER32(?), ref: 0040473F
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00000443,00000000,?), ref: 0040474D
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00000445,00000000,04010000), ref: 0040475B
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(?), ref: 00404760
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00000435,00000000,00000000), ref: 0040476D
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00000449,00000110,00000110), ref: 00404782
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,0000040A), ref: 004047DB
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000), ref: 004047E2
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003E8), ref: 0040480D
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,0000044B,00000000,00000201), ref: 00404850
                                                                                                                                                                                                                                                                                                                                    • LoadCursorW.USER32(00000000,00007F02), ref: 0040485E
                                                                                                                                                                                                                                                                                                                                    • SetCursor.USER32(00000000), ref: 00404861
                                                                                                                                                                                                                                                                                                                                    • LoadCursorW.USER32(00000000,00007F00), ref: 0040487A
                                                                                                                                                                                                                                                                                                                                    • SetCursor.USER32(00000000), ref: 0040487D
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000111,00000001,00000000), ref: 004048AC
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000010,00000000,00000000), ref: 004048BE
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=, xrefs: 0040483C
                                                                                                                                                                                                                                                                                                                                    • N, xrefs: 004047FB
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend$Cursor$Item$Load$ButtonCheckColorlstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=$N
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3103080414-151304277
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: d465d3d5382bb59059b47d3503e7a252332af71f120e52871dcbc052c6d80ab7
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: fa786ba7610ecb1ae21ae2169d8ef808fc0b2da043ab7544d4c43deaa2774949
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: d465d3d5382bb59059b47d3503e7a252332af71f120e52871dcbc052c6d80ab7
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 7F61B3B1A00209BFDB10AF64DD85A6A7B79FB84354F00843AFB05B61D0D7B9AD61CF58
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401000 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 125COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • DefWindowProcW.USER32(?,00000046,?,?), ref: 0040102C
                                                                                                                                                                                                                                                                                                                                    • BeginPaint.USER32(?,?), ref: 00401047
                                                                                                                                                                                                                                                                                                                                    • GetClientRect.USER32(?,?), ref: 0040105B
                                                                                                                                                                                                                                                                                                                                    • CreateBrushIndirect.GDI32(00000000), ref: 004010CF
                                                                                                                                                                                                                                                                                                                                    • FillRect.USER32(00000000,?,00000000), ref: 004010E4
                                                                                                                                                                                                                                                                                                                                    • DeleteObject.GDI32(?), ref: 004010ED
                                                                                                                                                                                                                                                                                                                                    • CreateFontIndirectW.GDI32(?), ref: 00401105
                                                                                                                                                                                                                                                                                                                                    • SetBkMode.GDI32(00000000,00000001), ref: 00401126
                                                                                                                                                                                                                                                                                                                                    • SetTextColor.GDI32(00000000,000000FF), ref: 00401130
                                                                                                                                                                                                                                                                                                                                    • SelectObject.GDI32(00000000,?), ref: 00401140
                                                                                                                                                                                                                                                                                                                                    • DrawTextW.USER32(00000000,00428A20,000000FF,00000010,00000820), ref: 00401156
                                                                                                                                                                                                                                                                                                                                    • SelectObject.GDI32(00000000,00000000), ref: 00401160
                                                                                                                                                                                                                                                                                                                                    • DeleteObject.GDI32(?), ref: 00401165
                                                                                                                                                                                                                                                                                                                                    • EndPaint.USER32(?,?), ref: 0040116E
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Object$CreateDeleteIndirectPaintRectSelectText$BeginBrushClientColorDrawFillFontModeProcWindow
                                                                                                                                                                                                                                                                                                                                    • String ID: F
                                                                                                                                                                                                                                                                                                                                    • API String ID: 941294808-1304234792
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: fcc37e75e13d0dca8524aaa06a8ee829d240d30c68f9aadea354bd02ab1c226a
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: d1034cbb9d528375343357a353c0022e70e8214492c202610c441178c5bfc5cd
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: fcc37e75e13d0dca8524aaa06a8ee829d240d30c68f9aadea354bd02ab1c226a
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: FC417B71800249AFCB058FA5DE459AFBBB9FF45314F00802EF592AA1A0CB74DA55DFA4
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406167 Relevance: 21.1, APIs: 10, Strings: 2, Instructions: 130memorystringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00000000,00000001,?,00000000,?,?,00406302,?,?), ref: 004061A2
                                                                                                                                                                                                                                                                                                                                    • GetShortPathNameW.KERNEL32(?,004265A8,00000400), ref: 004061AB
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405F76: lstrlenA.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,0040625B,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405F86
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405F76: lstrlenA.KERNEL32(00000000,?,00000000,0040625B,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405FB8
                                                                                                                                                                                                                                                                                                                                    • GetShortPathNameW.KERNEL32(?,00426DA8,00000400), ref: 004061C8
                                                                                                                                                                                                                                                                                                                                    • wsprintfA.USER32 ref: 004061E6
                                                                                                                                                                                                                                                                                                                                    • GetFileSize.KERNEL32(00000000,00000000,00426DA8,C0000000,00000004,00426DA8,?,?,?,?,?), ref: 00406221
                                                                                                                                                                                                                                                                                                                                    • GlobalAlloc.KERNEL32(00000040,0000000A,?,?,?,?), ref: 00406230
                                                                                                                                                                                                                                                                                                                                    • lstrcpyA.KERNEL32(00000000,[Rename],00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00406268
                                                                                                                                                                                                                                                                                                                                    • SetFilePointer.KERNEL32(0040A580,00000000,00000000,00000000,00000000,004261A8,00000000,-0000000A,0040A580,00000000,[Rename],00000000,00000000,00000000), ref: 004062BE
                                                                                                                                                                                                                                                                                                                                    • GlobalFree.KERNEL32(00000000), ref: 004062CF
                                                                                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,?,?,?), ref: 004062D6
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406011: GetFileAttributesW.KERNELBASE(00000003,004030C2,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe,80000000,00000003), ref: 00406015
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406011: CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000), ref: 00406037
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: File$CloseGlobalHandleNamePathShortlstrlen$AllocAttributesCreateFreePointerSizelstrcpywsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: %ls=%ls$[Rename]
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2171350718-461813615
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 3cd7194a84b85a053e31ee19696a447fece43685b985ba60a20dd83e8f5070ac
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: d8f03b5b48010a369f687ed07a259b5d04d98e8e290d987932ab0f9f84d7b5e4
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 3cd7194a84b85a053e31ee19696a447fece43685b985ba60a20dd83e8f5070ac
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 89313230201325BFD6207B659D48F2B3A6CDF41714F12007EBA02F62C2EA7D98218ABD
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040655E Relevance: 17.7, APIs: 6, Strings: 4, Instructions: 204stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetSystemDirectoryW.KERNEL32("C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=,00000400), ref: 00406680
                                                                                                                                                                                                                                                                                                                                    • GetWindowsDirectoryW.KERNEL32("C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=,00000400,00000000,00421EE8,?,?,00000000,00000000,006E2E52,00000000), ref: 00406696
                                                                                                                                                                                                                                                                                                                                    • SHGetPathFromIDListW.SHELL32(00000000,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=), ref: 004066F4
                                                                                                                                                                                                                                                                                                                                    • CoTaskMemFree.OLE32(00000000,?,00000000,00000007), ref: 004066FD
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32("C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=,\Microsoft\Internet Explorer\Quick Launch), ref: 00406728
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32("C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=,00000000,00421EE8,?,?,00000000,00000000,006E2E52,00000000), ref: 00406782
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Directory$FreeFromListPathSystemTaskWindowslstrcatlstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=$R.n$Software\Microsoft\Windows\CurrentVersion$\Microsoft\Internet Explorer\Quick Launch
                                                                                                                                                                                                                                                                                                                                    • API String ID: 4024019347-7464484
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 14c9f03641932d7153c154bb414b77852189b75d1473d82c894b9adbe9647435
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: c1bee3e663878f3afad94de22ef935420ccf361ce06c76a1d76179cfc985cdfa
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 14c9f03641932d7153c154bb414b77852189b75d1473d82c894b9adbe9647435
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 266146B1A043019BDB205F28DD80B6B77E4AF84318F65053FF646B32D1DA7D89A18B5E
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004067CF Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 69COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CharNextW.USER32(?,*?|<>/":,00000000,"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe",771B3420,C:\Users\user~1\AppData\Local\Temp\,00000000,004034D7,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,004037E6,?,00000008,0000000A,0000000C), ref: 00406832
                                                                                                                                                                                                                                                                                                                                    • CharNextW.USER32(?,?,?,00000000,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00406841
                                                                                                                                                                                                                                                                                                                                    • CharNextW.USER32(?,"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe",771B3420,C:\Users\user~1\AppData\Local\Temp\,00000000,004034D7,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,004037E6,?,00000008,0000000A,0000000C), ref: 00406846
                                                                                                                                                                                                                                                                                                                                    • CharPrevW.USER32(?,?,771B3420,C:\Users\user~1\AppData\Local\Temp\,00000000,004034D7,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,004037E6,?,00000008,0000000A,0000000C), ref: 00406859
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe", xrefs: 00406813
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\, xrefs: 004067D0
                                                                                                                                                                                                                                                                                                                                    • *?|<>/":, xrefs: 00406821
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Char$Next$Prev
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe"$*?|<>/":$C:\Users\user~1\AppData\Local\Temp\
                                                                                                                                                                                                                                                                                                                                    • API String ID: 589700163-3976094375
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: d9890b2689dddc4776a4db6af1629ac80bd1bcc56ba6148264ccbff8cf15ab87
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 2d41fa7b6770246c30beeceb47eb68b435a53440eacd13368e2f30b8c56315d6
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: d9890b2689dddc4776a4db6af1629ac80bd1bcc56ba6148264ccbff8cf15ab87
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: A511935680121296DB303B14CC44ABB66E8AF54794F52C03FE999732C1E77C5C9296BD
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00404507 Relevance: 12.1, APIs: 8, Instructions: 68COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetWindowLongW.USER32(?,000000EB), ref: 00404524
                                                                                                                                                                                                                                                                                                                                    • GetSysColor.USER32(00000000), ref: 00404562
                                                                                                                                                                                                                                                                                                                                    • SetTextColor.GDI32(?,00000000), ref: 0040456E
                                                                                                                                                                                                                                                                                                                                    • SetBkMode.GDI32(?,?), ref: 0040457A
                                                                                                                                                                                                                                                                                                                                    • GetSysColor.USER32(?), ref: 0040458D
                                                                                                                                                                                                                                                                                                                                    • SetBkColor.GDI32(?,?), ref: 0040459D
                                                                                                                                                                                                                                                                                                                                    • DeleteObject.GDI32(?), ref: 004045B7
                                                                                                                                                                                                                                                                                                                                    • CreateBrushIndirect.GDI32(?), ref: 004045C1
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Color$BrushCreateDeleteIndirectLongModeObjectTextWindow
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2320649405-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 9dba601b91aff6ac4bf2e5f3eaee39d76022ea5146a5c84035e03d3d84c8d27c
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 524417ed32742d4b72cd17798d780815826fd18a7bcb7bb0f1ed1fdd1052d135
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 9dba601b91aff6ac4bf2e5f3eaee39d76022ea5146a5c84035e03d3d84c8d27c
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: B22135B1500705AFCB319F78DD08B577BF5AF81714B048A2DEA96A26E0D738D944CB54
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004026F1 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 153fileCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • ReadFile.KERNEL32(?,?,?,?), ref: 0040275D
                                                                                                                                                                                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(?,00000008,?,?,?,00000001), ref: 00402798
                                                                                                                                                                                                                                                                                                                                    • SetFilePointer.KERNEL32(?,?,?,00000001,?,00000008,?,?,?,00000001), ref: 004027BB
                                                                                                                                                                                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(?,00000008,?,00000000,?,00000001,?,00000001,?,00000008,?,?,?,00000001), ref: 004027D1
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004060F2: SetFilePointer.KERNEL32(?,00000000,00000000,00000001), ref: 00406108
                                                                                                                                                                                                                                                                                                                                    • SetFilePointer.KERNEL32(?,?,?,00000001,?,?,00000002), ref: 0040287D
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: File$Pointer$ByteCharMultiWide$Read
                                                                                                                                                                                                                                                                                                                                    • String ID: 9
                                                                                                                                                                                                                                                                                                                                    • API String ID: 163830602-2366072709
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 0fe20a848d4a285c173513a47146d0bdd1f0b43cc80ef0beb9e6d9777ffbd6ad
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 4938fc2aff7960a3a7fedf371d3c64c497049ea43b58312dd80c80f6ae9549af
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 0fe20a848d4a285c173513a47146d0bdd1f0b43cc80ef0beb9e6d9777ffbd6ad
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5051FB75D0421AABDF249FD4CA84AAEBB79FF04344F10817BE901B62D0D7B49D828B58
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004055A6 Relevance: 10.6, APIs: 7, Instructions: 72stringwindowCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(00421EE8,00000000,006E2E52,00000000,?,?,?,?,?,?,?,?,?,004033F2,00000000,?), ref: 004055DE
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(004033F2,00421EE8,00000000,006E2E52,00000000,?,?,?,?,?,?,?,?,?,004033F2,00000000), ref: 004055EE
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(00421EE8,004033F2), ref: 00405601
                                                                                                                                                                                                                                                                                                                                    • SetWindowTextW.USER32(00421EE8,00421EE8), ref: 00405613
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405639
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 00405653
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001013,?,00000000), ref: 00405661
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend$lstrlen$TextWindowlstrcat
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2531174081-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: a9fafcf7327b9621bb894f8e2d9ac48d1397335c234e36f420f2517ccdad5277
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: deb6953f75989b306d4e6df0e2073f5bc52164b7b2c012b705af3b177d86a23e
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: a9fafcf7327b9621bb894f8e2d9ac48d1397335c234e36f420f2517ccdad5277
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 8F21B375900158BACB119FA5DD84ECFBF75EF45364F50803AF944B22A0C77A4A51CF68
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00404E5B Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48windowCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000110A,00000009,00000000), ref: 00404E76
                                                                                                                                                                                                                                                                                                                                    • GetMessagePos.USER32 ref: 00404E7E
                                                                                                                                                                                                                                                                                                                                    • ScreenToClient.USER32(?,?), ref: 00404E98
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001111,00000000,?), ref: 00404EAA
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000113E,00000000,?), ref: 00404ED0
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Message$Send$ClientScreen
                                                                                                                                                                                                                                                                                                                                    • String ID: f
                                                                                                                                                                                                                                                                                                                                    • API String ID: 41195575-1993550816
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 3b05e908374c5eb3ed0cc07743cf8bdf4b6f619b857b2f4ef42225a5e6fc1927
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: cfceae8db68972c520d490933057d7cb8d8acba3ea2256e028311c612775fba1
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 3b05e908374c5eb3ed0cc07743cf8bdf4b6f619b857b2f4ef42225a5e6fc1927
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: A3015E7190021CBADB00DB94DD85BFFBBBCAF95B11F10412BBA51B61D0C7B49A418BA4
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00402F98 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 40timeCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SetTimer.USER32(?,00000001,000000FA,00000000), ref: 00402FB6
                                                                                                                                                                                                                                                                                                                                    • MulDiv.KERNEL32(00468B66,00000064,?), ref: 00402FE1
                                                                                                                                                                                                                                                                                                                                    • wsprintfW.USER32 ref: 00402FF1
                                                                                                                                                                                                                                                                                                                                    • SetWindowTextW.USER32(?,?), ref: 00403001
                                                                                                                                                                                                                                                                                                                                    • SetDlgItemTextW.USER32(?,00000406,?), ref: 00403013
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • verifying installer: %d%%, xrefs: 00402FEB
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Text$ItemTimerWindowwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: verifying installer: %d%%
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1451636040-82062127
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 7c72eb226873640f15370cd8631d515f33e7e0e766319f11269e715f4bf9c46b
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: f83dc0eaaa7e9df2961e53678d13a3899a4bf5fcca0c0537cb294ee04905d4b1
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 7c72eb226873640f15370cd8631d515f33e7e0e766319f11269e715f4bf9c46b
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: EF014F71640208BBEF209F60DD49FEE3B69AB44345F108039FA06A51D0DBB99A559F58
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00402955 Relevance: 9.1, APIs: 6, Instructions: 91memoryfileCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GlobalAlloc.KERNEL32(00000040,?,00000000,40000000,00000002,00000000,00000000,000000F0), ref: 004029B6
                                                                                                                                                                                                                                                                                                                                    • GlobalAlloc.KERNEL32(00000040,?,00000000,?), ref: 004029D2
                                                                                                                                                                                                                                                                                                                                    • GlobalFree.KERNEL32(?), ref: 00402A0B
                                                                                                                                                                                                                                                                                                                                    • GlobalFree.KERNEL32(00000000), ref: 00402A1E
                                                                                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,?,?,00000000,40000000,00000002,00000000,00000000,000000F0), ref: 00402A3A
                                                                                                                                                                                                                                                                                                                                    • DeleteFileW.KERNEL32(?,00000000,40000000,00000002,00000000,00000000,000000F0), ref: 00402A4D
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Global$AllocFree$CloseDeleteFileHandle
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2667972263-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: c2b671b088f8a2c6a2cc46e86308de55ebb46a294384aac1552312227abe31fd
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 66908bbe9354c3b59104e874c770ae4161d9466efedc1f742b63756e9967f80f
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c2b671b088f8a2c6a2cc46e86308de55ebb46a294384aac1552312227abe31fd
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 54319E71900128ABCF21AFA5CE49D9E7E79AF44364F10423AF514762E1CB794C429FA8
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00402EAE Relevance: 7.6, APIs: 5, Instructions: 84registryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • RegEnumValueW.ADVAPI32(?,00000000,?,?,00000000,00000000,00000000,00000000,?,?,00100020,?,?,?), ref: 00402F02
                                                                                                                                                                                                                                                                                                                                    • RegEnumKeyW.ADVAPI32(?,00000000,?,00000105), ref: 00402F4E
                                                                                                                                                                                                                                                                                                                                    • RegCloseKey.ADVAPI32(?,?,?), ref: 00402F57
                                                                                                                                                                                                                                                                                                                                    • RegDeleteKeyW.ADVAPI32(?,?), ref: 00402F6E
                                                                                                                                                                                                                                                                                                                                    • RegCloseKey.ADVAPI32(?,?,?), ref: 00402F79
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CloseEnum$DeleteValue
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1354259210-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 6bbd6cd9bb694ee1e5b18e2fc67d121d416227cee6099befa8b5f279801200a9
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 48bf034c557530f45265713f896c64b121a5f1f2f5b25ab6521791cb913d5ed3
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6bbd6cd9bb694ee1e5b18e2fc67d121d416227cee6099befa8b5f279801200a9
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 74215A7150010ABFDF119F90CE89EEF7B7DEB54388F110076B949B11A0D7B49E54AA68
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401D86 Relevance: 7.6, APIs: 5, Instructions: 75windowCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,?), ref: 00401D9F
                                                                                                                                                                                                                                                                                                                                    • GetClientRect.USER32(?,?), ref: 00401DEA
                                                                                                                                                                                                                                                                                                                                    • LoadImageW.USER32(?,?,?,?,?,?), ref: 00401E1A
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000172,?,00000000), ref: 00401E2E
                                                                                                                                                                                                                                                                                                                                    • DeleteObject.GDI32(00000000), ref: 00401E3E
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: ClientDeleteImageItemLoadMessageObjectRectSend
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1849352358-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: b4553b6f8f96a3615d4cb1d74016621c3cb3daa09826911c1e5c071ec9b0e61c
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 002387d4b88dbb62f40c54eb0dee3f9a721ef30fc2dbb8ae50818b7fec09efb0
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b4553b6f8f96a3615d4cb1d74016621c3cb3daa09826911c1e5c071ec9b0e61c
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 0F21F872A00119AFCB15DF98DE45AEEBBB5EB08304F14003AF945F62A0D7789D41DB98
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401E53 Relevance: 7.5, APIs: 5, Instructions: 43COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetDC.USER32(?), ref: 00401E56
                                                                                                                                                                                                                                                                                                                                    • GetDeviceCaps.GDI32(00000000,0000005A), ref: 00401E70
                                                                                                                                                                                                                                                                                                                                    • MulDiv.KERNEL32(00000000,00000000), ref: 00401E78
                                                                                                                                                                                                                                                                                                                                    • ReleaseDC.USER32(?,00000000), ref: 00401E89
                                                                                                                                                                                                                                                                                                                                    • CreateFontIndirectW.GDI32(0040CDC8), ref: 00401ED8
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CapsCreateDeviceFontIndirectRelease
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3808545654-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 12fc5c0feb0b51e7a773ba9164babbc76b3b82788c0ea370a0f868ab0e4caa48
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 1c21784e8a12ec6bf8935da156a17e2c336e66cb5fe6e154f3a2125ab74843e9
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 12fc5c0feb0b51e7a773ba9164babbc76b3b82788c0ea370a0f868ab0e4caa48
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5A018871954240EFE7015BB4AE9ABDD3FB5AF15301F10497AF141B61E2C6B90445DB3C
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401C48 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 84windowtimeCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SendMessageTimeoutW.USER32(00000000,00000000,?,?,?,00000002,?), ref: 00401CB8
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00000000,?,?), ref: 00401CD0
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend$Timeout
                                                                                                                                                                                                                                                                                                                                    • String ID: !
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1777923405-2657877971
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 0b60248b2d317c3fadb7ed9affa728e8142f9e62085aaabdbec9824b10747ad3
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: dc9a0f57bab323a5eda2152a626e9899419b02716f24503a8b80c8a4184e75e9
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 0b60248b2d317c3fadb7ed9affa728e8142f9e62085aaabdbec9824b10747ad3
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: E921AD71D1421AAFEB05AFA4D94AAFE7BB0EF84304F10453EF601B61D0D7B84941CB98
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00404D4D Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 84stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(00422F08,00422F08,?,%u.%u%s%s,00000005,00000000,00000000,?,000000DC,00000000,?,000000DF,00000000,00000400,?), ref: 00404DEE
                                                                                                                                                                                                                                                                                                                                    • wsprintfW.USER32 ref: 00404DF7
                                                                                                                                                                                                                                                                                                                                    • SetDlgItemTextW.USER32(?,00422F08), ref: 00404E0A
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: ItemTextlstrlenwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: %u.%u%s%s
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3540041739-3551169577
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 808c56ceb77bc8fa6bb0a4fcfba6dc4e55d7e9e185af3d36fc5e6f51395c7837
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 33e626053c854acaf0ea976fdeb40ece7b69d158cb37adfcb571004cb6629101
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 808c56ceb77bc8fa6bb0a4fcfba6dc4e55d7e9e185af3d36fc5e6f51395c7837
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 2C11EB7360412877DB00666DAC46EAE329DDF85334F250237FA66F31D5EA79C92242E8
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040248F Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 64registrystringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32($VersionToInstall,00000023,00000011,00000002), ref: 004024DA
                                                                                                                                                                                                                                                                                                                                    • RegSetValueExW.ADVAPI32(?,?,?,?,$VersionToInstall,00000000,00000011,00000002), ref: 0040251A
                                                                                                                                                                                                                                                                                                                                    • RegCloseKey.ADVAPI32(?,?,?,$VersionToInstall,00000000,00000011,00000002), ref: 00402602
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CloseValuelstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: $VersionToInstall
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2655323295-2426216592
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: da66cedf603cd7e025ac7cea982e9cc5d1ed11c0b9be308f32ecbd99beb1696c
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 9515a87f615354861ff9cc8d48f56862c3e7cd04d157db2ad705c0a1b7eb65e0
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: da66cedf603cd7e025ac7cea982e9cc5d1ed11c0b9be308f32ecbd99beb1696c
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 45116D71900118BEEB11EFA5DE59AAEBAB4AF54318F10443FF504B61C1C7B98E419A58
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405EF8 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 47stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406521: lstrcpynW.KERNEL32(?,?,00000400,0040366E,00428A20,NSIS Error,?,00000008,0000000A,0000000C), ref: 0040652E
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405E9B: CharNextW.USER32(?,?,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,?,00405F0F,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,771B3420,?,C:\Users\user~1\AppData\Local\Temp\,00405C4D,?,771B3420,C:\Users\user~1\AppData\Local\Temp\,"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe"), ref: 00405EA9
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405E9B: CharNextW.USER32(00000000), ref: 00405EAE
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405E9B: CharNextW.USER32(00000000), ref: 00405EC6
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,00000000,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,771B3420,?,C:\Users\user~1\AppData\Local\Temp\,00405C4D,?,771B3420,C:\Users\user~1\AppData\Local\Temp\,"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe"), ref: 00405F51
                                                                                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,00000000,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,771B3420,?,C:\Users\user~1\AppData\Local\Temp\,00405C4D,?,771B3420,C:\Users\user~1\AppData\Local\Temp\), ref: 00405F61
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CharNext$AttributesFilelstrcpynlstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user~1\AppData\Local\Temp\$C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3248276644-2712736977
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: db39f955a116f1e539d990513461dc7a207fa728de065fffbfa736c70f2b9a34
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 4f97f4adca9055af25af7ef058e1e83d315c20be799ec2f088cafe79a8eb74c9
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: db39f955a116f1e539d990513461dc7a207fa728de065fffbfa736c70f2b9a34
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DAF0F435115E5326D622323A2C49AAF1A05CEC2324B55453FF891B22C2DF3C89538DBE
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405E9B Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 42COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CharNextW.USER32(?,?,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,?,00405F0F,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,771B3420,?,C:\Users\user~1\AppData\Local\Temp\,00405C4D,?,771B3420,C:\Users\user~1\AppData\Local\Temp\,"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe"), ref: 00405EA9
                                                                                                                                                                                                                                                                                                                                    • CharNextW.USER32(00000000), ref: 00405EAE
                                                                                                                                                                                                                                                                                                                                    • CharNextW.USER32(00000000), ref: 00405EC6
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp, xrefs: 00405E9C
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CharNext
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3213498283-1653284194
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: a019630038ff328a8ec37a6ad8a5e0fa1ea3fa9b42c133706ff5938ffc5cdd25
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: c4cc3313bff2df52cb6c0caf4e8c88866a305d48728ab5da0ab5d468dade8cef
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: a019630038ff328a8ec37a6ad8a5e0fa1ea3fa9b42c133706ff5938ffc5cdd25
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: E4F0F631910F2595DA317764CC44E7766B8EB54351B00803BD282B36C1DBF88A819FEA
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405DF0 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 16stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(?,C:\Users\user~1\AppData\Local\Temp\,004034E9,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,004037E6,?,00000008,0000000A,0000000C), ref: 00405DF6
                                                                                                                                                                                                                                                                                                                                    • CharPrevW.USER32(?,00000000,?,C:\Users\user~1\AppData\Local\Temp\,004034E9,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,004037E6,?,00000008,0000000A,0000000C), ref: 00405E00
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(?,0040A014), ref: 00405E12
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\, xrefs: 00405DF0
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CharPrevlstrcatlstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user~1\AppData\Local\Temp\
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2659869361-2382934351
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 1ad634ba4b40e47f3a67f9c69e663da68b942b7adec5edae9754e9c2c01f4b37
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: dcf52917e326d6ada13c2a72ecce68a7b96b6e8782615359caad44c872c99b85
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1ad634ba4b40e47f3a67f9c69e663da68b942b7adec5edae9754e9c2c01f4b37
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: EBD05EB1101634AAC2116B48AC04CDF62AC9E86704381402AF141B20A6C7785D6296ED
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00402643 Relevance: 6.1, APIs: 2, Strings: 2, Instructions: 65stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrlenA.KERNEL32(C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp), ref: 0040269A
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: lstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: $VersionToInstall$C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1659193697-4242287189
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: f2de93d2cbfdfbbd543327fb15e7a976db9068b6b3b762b7b4e06a4d28570762
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 24c820640bf83c35ca015f911653a3ecbd9f7363fc1a8715c972f2d02b23d4ac
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: f2de93d2cbfdfbbd543327fb15e7a976db9068b6b3b762b7b4e06a4d28570762
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 11113A72A40311BBCB00BBB19E46EAE36709F50748F60443FF402F61C0D6FD4991565E
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040301E Relevance: 6.0, APIs: 4, Instructions: 33COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • DestroyWindow.USER32(?,00000000,004031FC,00000001), ref: 00403031
                                                                                                                                                                                                                                                                                                                                    • GetTickCount.KERNEL32 ref: 0040304F
                                                                                                                                                                                                                                                                                                                                    • CreateDialogParamW.USER32(0000006F,00000000,00402F98,00000000), ref: 0040306C
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(00000000,00000005), ref: 0040307A
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Window$CountCreateDestroyDialogParamShowTick
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2102729457-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 1f524868e2ec5e9a115d67c2f52ec07950574c6e8f58c79c8196e6c31eccfe04
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: fc94ebd698381dfc42c8ec832a7b78cf8da54aaf5e1058e2af7a384a9ccf94d3
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1f524868e2ec5e9a115d67c2f52ec07950574c6e8f58c79c8196e6c31eccfe04
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 0FF05471602621ABC6306F50BD08A9B7E69FB44B53F41087AF045B11A9CB7548828B9C
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040551A Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 46windowCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • IsWindowVisible.USER32(?), ref: 00405549
                                                                                                                                                                                                                                                                                                                                    • CallWindowProcW.USER32(?,?,?,?), ref: 0040559A
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004044EC: SendMessageW.USER32(?,00000000,00000000,00000000), ref: 004044FE
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Window$CallMessageProcSendVisible
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3748168415-3916222277
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 8a6e7ab2b2ebc920f12c2d5b2b2096f2e9954bb0ec9a095f665350d4b71d8349
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 85372f17a9103eb01fcdfd8a19690b8d052d76dd043ca16804f8a0d8951f02ed
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8a6e7ab2b2ebc920f12c2d5b2b2096f2e9954bb0ec9a095f665350d4b71d8349
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 53017171200609BFDF309F51DD80AAB362AFB84750F540437FA047A1D5C7B98D52AE69
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004063EF Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44registryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • RegQueryValueExW.ADVAPI32(?,00000000,00000000,00421EE8,?,00000800,00000000,?,00421EE8,?,?,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=,?,00000000,00406660,80000002), ref: 00406435
                                                                                                                                                                                                                                                                                                                                    • RegCloseKey.ADVAPI32(?), ref: 00406440
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=, xrefs: 004063F6
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CloseQueryValue
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" /D=
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3356406503-748030194
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: d1d1cf9fba81775932f415e0b00659446f948772619985b3c02fdc538e95a10d
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 441e6d046e2572fd66e4c77006f0a98464fe89a944563537cf106c849ea921cc
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: d1d1cf9fba81775932f415e0b00659446f948772619985b3c02fdc538e95a10d
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 4F017172500209ABDF218F51CD05EDB3BA9EB54354F01403AFD1992191D738D968DF94
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00403B5E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 19COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • FreeLibrary.KERNEL32(?,771B3420,00000000,C:\Users\user~1\AppData\Local\Temp\,00403B36,00403A4C,?,?,00000008,0000000A,0000000C), ref: 00403B78
                                                                                                                                                                                                                                                                                                                                    • GlobalFree.KERNEL32(?), ref: 00403B7F
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\, xrefs: 00403B5E
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Free$GlobalLibrary
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user~1\AppData\Local\Temp\
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1100898210-2382934351
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 628ac1cb43285a1a84ac4c7f875ed8910a03c7a164280e3efa8a6a131abbe062
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 6899552f53244e150386b1952d758f3f927a5bb415edc3c38dc9ad64461d36a3
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 628ac1cb43285a1a84ac4c7f875ed8910a03c7a164280e3efa8a6a131abbe062
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 59E08C3250102057CA211F05ED04B1AB7B8AF45B27F06452AE8407B26287B42C838FD8
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405E3C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 16stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(80000000,C:\Users\user\Desktop,004030EE,C:\Users\user\Desktop,C:\Users\user\Desktop,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe,80000000,00000003), ref: 00405E42
                                                                                                                                                                                                                                                                                                                                    • CharPrevW.USER32(80000000,00000000,80000000,C:\Users\user\Desktop,004030EE,C:\Users\user\Desktop,C:\Users\user\Desktop,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MSIL.zgRAT.Heur.21652.15881.exe,80000000,00000003), ref: 00405E52
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CharPrevlstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user\Desktop
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2709904686-3976562730
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 4d9a109f9f2e29ac56c0736ccbd4fa6bf3a04a93e1f4050107f2eb61dc35f761
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: eba18341e72c17137544591cfc51a7e4cac6184970473274e9d14fc4341c5a90
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 4d9a109f9f2e29ac56c0736ccbd4fa6bf3a04a93e1f4050107f2eb61dc35f761
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 29D0A7F3400A30DAC3127708EC00D9F77ACEF16700746443AE580A7165D7785D818AEC
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405F76 Relevance: 5.0, APIs: 4, Instructions: 37stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrlenA.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,0040625B,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405F86
                                                                                                                                                                                                                                                                                                                                    • lstrcmpiA.KERNEL32(00000000,00000000), ref: 00405F9E
                                                                                                                                                                                                                                                                                                                                    • CharNextA.USER32(00000000,?,00000000,0040625B,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405FAF
                                                                                                                                                                                                                                                                                                                                    • lstrlenA.KERNEL32(00000000,?,00000000,0040625B,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405FB8
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000001.00000002.2523945802.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2523818995.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524074480.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524193045.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000001.00000002.2524782702.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_1_2_400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: lstrlen$CharNextlstrcmpi
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 190613189-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 2e04212541fd7d2d0fc4f715182178ccf0de62a07a1c27cf83518a5c6c9cf375
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: baa81b9806bcf2d0018ef5e19b9a589e3df5f1c452cb3fab7a363fd504aebd5e
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2e04212541fd7d2d0fc4f715182178ccf0de62a07a1c27cf83518a5c6c9cf375
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 87F0C231105914EFCB029BA5CE00D9EBFA8EF15254B2100BAE840F7250D638DE019BA8
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Execution Graph

                                                                                                                                                                                                                                                                                                                                    Execution Coverage:27.8%
                                                                                                                                                                                                                                                                                                                                    Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                                                                                    Signature Coverage:0%
                                                                                                                                                                                                                                                                                                                                    Total number of Nodes:1399
                                                                                                                                                                                                                                                                                                                                    Total number of Limit Nodes:37
                                                                                                                                                                                                                                                                                                                                    execution_graph 3228 4047c0 3229 4047d8 3228->3229 3235 4048f2 3228->3235 3259 404601 3229->3259 3230 40495c 3231 404a26 3230->3231 3232 404966 GetDlgItem 3230->3232 3271 404668 3231->3271 3233 404980 3232->3233 3234 4049e7 3232->3234 3233->3234 3240 4049a6 SendMessageW LoadCursorW SetCursor 3233->3240 3234->3231 3241 4049f9 3234->3241 3235->3230 3235->3231 3238 40492d GetDlgItem SendMessageW 3235->3238 3264 404623 KiUserCallbackDispatcher 3238->3264 3239 40483f 3243 404601 22 API calls 3239->3243 3268 404a6f 3240->3268 3246 404a0f 3241->3246 3247 4049ff SendMessageW 3241->3247 3244 40484c CheckDlgButton 3243->3244 3262 404623 KiUserCallbackDispatcher 3244->3262 3251 404a21 3246->3251 3252 404a15 SendMessageW 3246->3252 3247->3246 3248 404957 3265 404a4b 3248->3265 3252->3251 3254 40486a GetDlgItem 3263 404636 SendMessageW 3254->3263 3256 404880 SendMessageW 3257 4048a6 SendMessageW SendMessageW lstrlenW SendMessageW SendMessageW 3256->3257 3258 40489d GetSysColor 3256->3258 3257->3251 3258->3257 3285 4066bf 3259->3285 3262->3254 3263->3256 3264->3248 3266 404a59 3265->3266 3267 404a5e SendMessageW 3265->3267 3266->3267 3267->3230 3336 405ca8 ShellExecuteExW 3268->3336 3270 4049d5 LoadCursorW SetCursor 3270->3234 3272 40472b 3271->3272 3273 404680 GetWindowLongW 3271->3273 3272->3251 3273->3272 3274 404695 3273->3274 3274->3272 3275 4046c2 GetSysColor 3274->3275 3276 4046c5 3274->3276 3275->3276 3277 4046d5 SetBkMode 3276->3277 3278 4046cb SetTextColor 3276->3278 3279 4046f3 3277->3279 3280 4046ed GetSysColor 3277->3280 3278->3277 3281 404704 3279->3281 3282 4046fa SetBkColor 3279->3282 3280->3279 3281->3272 3283 404717 DeleteObject 3281->3283 3284 40471e CreateBrushIndirect 3281->3284 3282->3281 3283->3284 3284->3272 3290 4066ca 3285->3290 3286 406911 3287 40460c SetDlgItemTextW 3286->3287 3324 406682 lstrcpynW 3286->3324 3287->3239 3289 4068e2 lstrlenW 3289->3290 3290->3286 3290->3289 3293 4067db GetSystemDirectoryW 3290->3293 3294 4066bf 15 API calls 3290->3294 3296 4067f1 GetWindowsDirectoryW 3290->3296 3297 4066bf 15 API calls 3290->3297 3298 406883 lstrcatW 3290->3298 3301 406853 SHGetPathFromIDListW CoTaskMemFree 3290->3301 3302 406550 3290->3302 3307 406a76 GetModuleHandleA 3290->3307 3313 406930 3290->3313 3322 4065c9 wsprintfW 3290->3322 3323 406682 lstrcpynW 3290->3323 3293->3290 3294->3289 3296->3290 3297->3290 3298->3290 3301->3290 3325 4064ef 3302->3325 3305 4065b4 3305->3290 3306 406584 RegQueryValueExW RegCloseKey 3306->3305 3308 406a92 3307->3308 3309 406a9c GetProcAddress 3307->3309 3329 406a06 GetSystemDirectoryW 3308->3329 3312 406aab 3309->3312 3311 406a98 3311->3309 3311->3312 3312->3290 3314 40693d 3313->3314 3316 4069b3 3314->3316 3317 4069a6 CharNextW 3314->3317 3320 406992 CharNextW 3314->3320 3321 4069a1 CharNextW 3314->3321 3332 405f7e 3314->3332 3315 4069b8 CharPrevW 3315->3316 3316->3315 3318 4069d9 3316->3318 3317->3314 3317->3316 3318->3290 3320->3314 3321->3317 3322->3290 3323->3290 3324->3287 3326 4064fe 3325->3326 3327 406502 3326->3327 3328 406507 RegOpenKeyExW 3326->3328 3327->3305 3327->3306 3328->3327 3330 406a28 wsprintfW LoadLibraryExW 3329->3330 3330->3311 3333 405f84 3332->3333 3334 405f9a 3333->3334 3335 405f8b CharNextW 3333->3335 3334->3314 3335->3333 3336->3270 4306 402643 4307 402672 4306->4307 4308 402657 4306->4308 4310 4026a2 4307->4310 4311 402677 4307->4311 4309 402d89 21 API calls 4308->4309 4319 40265e 4309->4319 4313 402dab 21 API calls 4310->4313 4312 402dab 21 API calls 4311->4312 4315 40267e 4312->4315 4314 4026a9 lstrlenW 4313->4314 4314->4319 4323 4066a4 WideCharToMultiByte 4315->4323 4317 402692 lstrlenA 4317->4319 4318 4026ec 4319->4318 4322 4026d6 4319->4322 4324 406253 SetFilePointer 4319->4324 4320 406224 WriteFile 4320->4318 4322->4318 4322->4320 4323->4317 4325 40626f 4324->4325 4330 406287 4324->4330 4326 4061f5 ReadFile 4325->4326 4327 40627b 4326->4327 4328 406290 SetFilePointer 4327->4328 4329 4062b8 SetFilePointer 4327->4329 4327->4330 4328->4329 4331 40629b 4328->4331 4329->4330 4330->4322 4332 406224 WriteFile 4331->4332 4332->4330 3498 403645 SetErrorMode GetVersionExW 3499 4036d1 3498->3499 3500 403699 GetVersionExW 3498->3500 3501 403728 3499->3501 3502 406a76 5 API calls 3499->3502 3500->3499 3503 406a06 3 API calls 3501->3503 3502->3501 3504 40373e lstrlenA 3503->3504 3504->3501 3505 40374e 3504->3505 3506 406a76 5 API calls 3505->3506 3507 403755 3506->3507 3508 406a76 5 API calls 3507->3508 3509 40375c 3508->3509 3510 406a76 5 API calls 3509->3510 3511 403768 #17 OleInitialize SHGetFileInfoW 3510->3511 3586 406682 lstrcpynW 3511->3586 3514 4037b7 GetCommandLineW 3587 406682 lstrcpynW 3514->3587 3516 4037c9 3517 405f7e CharNextW 3516->3517 3518 4037ef CharNextW 3517->3518 3528 403801 3518->3528 3519 403903 3520 403917 GetTempPathW 3519->3520 3588 403614 3520->3588 3522 40392f 3524 403933 GetWindowsDirectoryW lstrcatW 3522->3524 3525 403989 DeleteFileW 3522->3525 3523 405f7e CharNextW 3523->3528 3526 403614 12 API calls 3524->3526 3598 4030d5 GetTickCount GetModuleFileNameW 3525->3598 3529 40394f 3526->3529 3528->3519 3528->3523 3532 403905 3528->3532 3529->3525 3531 403953 GetTempPathW lstrcatW SetEnvironmentVariableW SetEnvironmentVariableW 3529->3531 3530 40399d 3538 405f7e CharNextW 3530->3538 3569 403a44 3530->3569 3577 403a54 3530->3577 3533 403614 12 API calls 3531->3533 3684 406682 lstrcpynW 3532->3684 3536 403981 3533->3536 3536->3525 3536->3577 3542 4039bc 3538->3542 3540 403ba2 3543 405ce2 MessageBoxIndirectW 3540->3543 3541 403bc6 3544 403c4a ExitProcess 3541->3544 3545 403bce GetCurrentProcess OpenProcessToken 3541->3545 3546 403a1a 3542->3546 3547 403a5d 3542->3547 3549 403bb0 ExitProcess 3543->3549 3550 403be6 LookupPrivilegeValueW AdjustTokenPrivileges 3545->3550 3551 403c1a 3545->3551 3685 406059 3546->3685 3701 405c4d 3547->3701 3550->3551 3552 406a76 5 API calls 3551->3552 3555 403c21 3552->3555 3559 403c36 ExitWindowsEx 3555->3559 3561 403c43 3555->3561 3559->3544 3559->3561 3560 403a7c 3563 403a94 3560->3563 3705 406682 lstrcpynW 3560->3705 3564 40140b 2 API calls 3561->3564 3568 403aba wsprintfW 3563->3568 3583 403ae6 3563->3583 3564->3544 3565 403a39 3700 406682 lstrcpynW 3565->3700 3570 4066bf 21 API calls 3568->3570 3628 403d54 3569->3628 3570->3563 3573 403b30 SetCurrentDirectoryW 3751 406442 MoveFileExW 3573->3751 3574 403af6 GetFileAttributesW 3575 403b02 DeleteFileW 3574->3575 3574->3583 3575->3583 3761 403c62 3577->3761 3580 406442 40 API calls 3580->3583 3581 4066bf 21 API calls 3581->3583 3583->3563 3583->3568 3583->3573 3583->3574 3583->3577 3583->3580 3583->3581 3584 403bb8 CloseHandle 3583->3584 3706 405bd6 CreateDirectoryW 3583->3706 3709 405c30 CreateDirectoryW 3583->3709 3712 405d8e 3583->3712 3755 405c65 CreateProcessW 3583->3755 3758 4069df FindFirstFileW 3583->3758 3584->3577 3586->3514 3587->3516 3589 406930 5 API calls 3588->3589 3591 403620 3589->3591 3590 40362a 3590->3522 3591->3590 3770 405f51 lstrlenW CharPrevW 3591->3770 3594 405c30 2 API calls 3595 403638 3594->3595 3596 4061a1 2 API calls 3595->3596 3597 403643 3596->3597 3597->3522 3773 406172 GetFileAttributesW CreateFileW 3598->3773 3600 403118 3627 403125 3600->3627 3774 406682 lstrcpynW 3600->3774 3602 40313b 3775 405f9d lstrlenW 3602->3775 3606 40314c GetFileSize 3607 403246 3606->3607 3618 403163 3606->3618 3780 403033 3607->3780 3611 40328b GlobalAlloc 3614 4032a2 3611->3614 3613 4032e3 3615 403033 36 API calls 3613->3615 3619 4061a1 2 API calls 3614->3619 3615->3627 3616 40326c 3617 4035e7 ReadFile 3616->3617 3621 403277 3617->3621 3618->3607 3618->3613 3622 403033 36 API calls 3618->3622 3618->3627 3811 4035e7 3618->3811 3620 4032b3 CreateFileW 3619->3620 3623 4032ed 3620->3623 3620->3627 3621->3611 3621->3627 3622->3618 3795 4035fd SetFilePointer 3623->3795 3625 4032fb 3796 403376 3625->3796 3627->3530 3629 406a76 5 API calls 3628->3629 3630 403d68 3629->3630 3631 403d80 3630->3631 3632 403d6e 3630->3632 3633 406550 3 API calls 3631->3633 3873 4065c9 wsprintfW 3632->3873 3634 403db0 3633->3634 3636 403dcf lstrcatW 3634->3636 3638 406550 3 API calls 3634->3638 3637 403d7e 3636->3637 3858 40402a 3637->3858 3638->3636 3641 406059 18 API calls 3642 403e01 3641->3642 3643 403e95 3642->3643 3645 406550 3 API calls 3642->3645 3644 406059 18 API calls 3643->3644 3646 403e9b 3644->3646 3652 403e33 3645->3652 3647 403eab LoadImageW 3646->3647 3648 4066bf 21 API calls 3646->3648 3649 403f51 3647->3649 3650 403ed2 RegisterClassW 3647->3650 3648->3647 3654 40140b 2 API calls 3649->3654 3653 403f08 SystemParametersInfoW CreateWindowExW 3650->3653 3683 403f5b 3650->3683 3651 403e54 lstrlenW 3656 403e62 lstrcmpiW 3651->3656 3657 403e88 3651->3657 3652->3643 3652->3651 3655 405f7e CharNextW 3652->3655 3653->3649 3658 403f57 3654->3658 3660 403e51 3655->3660 3656->3657 3661 403e72 GetFileAttributesW 3656->3661 3659 405f51 3 API calls 3657->3659 3662 40402a 22 API calls 3658->3662 3658->3683 3663 403e8e 3659->3663 3660->3651 3664 403e7e 3661->3664 3666 403f68 3662->3666 3874 406682 lstrcpynW 3663->3874 3664->3657 3665 405f9d 2 API calls 3664->3665 3665->3657 3668 403f74 ShowWindow 3666->3668 3669 403ff7 3666->3669 3671 406a06 3 API calls 3668->3671 3866 4057da OleInitialize 3669->3866 3673 403f8c 3671->3673 3672 403ffd 3674 404001 3672->3674 3675 404019 3672->3675 3676 403f9a GetClassInfoW 3673->3676 3678 406a06 3 API calls 3673->3678 3681 40140b 2 API calls 3674->3681 3674->3683 3677 40140b 2 API calls 3675->3677 3679 403fc4 DialogBoxParamW 3676->3679 3680 403fae GetClassInfoW RegisterClassW 3676->3680 3677->3683 3678->3676 3682 40140b 2 API calls 3679->3682 3680->3679 3681->3683 3682->3683 3683->3577 3684->3520 3876 406682 lstrcpynW 3685->3876 3687 40606a 3877 405ffc CharNextW CharNextW 3687->3877 3690 403a26 3690->3577 3699 406682 lstrcpynW 3690->3699 3691 406930 5 API calls 3697 406080 3691->3697 3692 4060b1 lstrlenW 3693 4060bc 3692->3693 3692->3697 3694 405f51 3 API calls 3693->3694 3696 4060c1 GetFileAttributesW 3694->3696 3695 4069df 2 API calls 3695->3697 3696->3690 3697->3690 3697->3692 3697->3695 3698 405f9d 2 API calls 3697->3698 3698->3692 3699->3565 3700->3569 3702 406a76 5 API calls 3701->3702 3703 403a62 lstrlenW 3702->3703 3704 406682 lstrcpynW 3703->3704 3704->3560 3705->3563 3707 405c22 3706->3707 3708 405c26 GetLastError 3706->3708 3707->3583 3708->3707 3710 405c40 3709->3710 3711 405c44 GetLastError 3709->3711 3710->3583 3711->3710 3713 406059 18 API calls 3712->3713 3714 405dae 3713->3714 3715 405db6 DeleteFileW 3714->3715 3716 405dcd 3714->3716 3717 405f04 3715->3717 3718 405eed 3716->3718 3883 406682 lstrcpynW 3716->3883 3717->3583 3718->3717 3725 4069df 2 API calls 3718->3725 3720 405df3 3721 405e06 3720->3721 3722 405df9 lstrcatW 3720->3722 3724 405f9d 2 API calls 3721->3724 3723 405e0c 3722->3723 3726 405e1c lstrcatW 3723->3726 3728 405e27 lstrlenW FindFirstFileW 3723->3728 3724->3723 3727 405f12 3725->3727 3726->3728 3727->3717 3729 405f16 3727->3729 3728->3718 3736 405e49 3728->3736 3730 405f51 3 API calls 3729->3730 3731 405f1c 3730->3731 3733 405d46 5 API calls 3731->3733 3732 405ed0 FindNextFileW 3732->3736 3737 405ee6 FindClose 3732->3737 3735 405f28 3733->3735 3738 405f42 3735->3738 3739 405f2c 3735->3739 3736->3732 3740 405e91 3736->3740 3884 406682 lstrcpynW 3736->3884 3737->3718 3742 405707 28 API calls 3738->3742 3739->3717 3743 405707 28 API calls 3739->3743 3740->3732 3744 405d8e 64 API calls 3740->3744 3747 405707 28 API calls 3740->3747 3749 405707 28 API calls 3740->3749 3750 406442 40 API calls 3740->3750 3885 405d46 3740->3885 3742->3717 3745 405f39 3743->3745 3744->3740 3746 406442 40 API calls 3745->3746 3748 405f40 3746->3748 3747->3732 3748->3717 3749->3740 3750->3740 3752 403b3f CopyFileW 3751->3752 3753 406456 3751->3753 3752->3577 3752->3583 3896 4062c8 3753->3896 3756 405ca4 3755->3756 3757 405c98 CloseHandle 3755->3757 3756->3583 3757->3756 3759 406a00 3758->3759 3760 4069f5 FindClose 3758->3760 3759->3583 3760->3759 3762 403c73 CloseHandle 3761->3762 3763 403c7d 3761->3763 3762->3763 3764 403c91 3763->3764 3765 403c87 CloseHandle 3763->3765 3930 403cbf 3764->3930 3765->3764 3768 405d8e 71 API calls 3769 403b95 OleUninitialize 3768->3769 3769->3540 3769->3541 3771 403632 3770->3771 3772 405f6d lstrcatW 3770->3772 3771->3594 3772->3771 3773->3600 3774->3602 3776 405fab 3775->3776 3777 405fb1 CharPrevW 3776->3777 3778 403141 3776->3778 3777->3776 3777->3778 3779 406682 lstrcpynW 3778->3779 3779->3606 3781 403044 3780->3781 3782 40305c 3780->3782 3783 40304d DestroyWindow 3781->3783 3786 403054 3781->3786 3784 403064 3782->3784 3785 40306c GetTickCount 3782->3785 3783->3786 3815 406ab2 3784->3815 3785->3786 3788 40307a 3785->3788 3786->3611 3786->3627 3814 4035fd SetFilePointer 3786->3814 3789 403082 3788->3789 3790 4030af CreateDialogParamW ShowWindow 3788->3790 3789->3786 3819 403017 3789->3819 3790->3786 3792 403090 wsprintfW 3822 405707 3792->3822 3795->3625 3797 4033a1 3796->3797 3798 403385 SetFilePointer 3796->3798 3833 40347e GetTickCount 3797->3833 3798->3797 3801 40343e 3801->3627 3804 40347e 46 API calls 3805 4033d8 3804->3805 3805->3801 3806 403444 ReadFile 3805->3806 3808 4033e7 3805->3808 3806->3801 3808->3801 3809 4061f5 ReadFile 3808->3809 3848 406224 WriteFile 3808->3848 3809->3808 3812 4061f5 ReadFile 3811->3812 3813 4035fa 3812->3813 3813->3618 3814->3616 3816 406acf PeekMessageW 3815->3816 3817 406ac5 DispatchMessageW 3816->3817 3818 406adf 3816->3818 3817->3816 3818->3786 3820 403026 3819->3820 3821 403028 MulDiv 3819->3821 3820->3821 3821->3792 3823 405722 3822->3823 3832 4030ad 3822->3832 3824 40573e lstrlenW 3823->3824 3825 4066bf 21 API calls 3823->3825 3826 405767 3824->3826 3827 40574c lstrlenW 3824->3827 3825->3824 3829 40577a 3826->3829 3830 40576d SetWindowTextW 3826->3830 3828 40575e lstrcatW 3827->3828 3827->3832 3828->3826 3831 405780 SendMessageW SendMessageW SendMessageW 3829->3831 3829->3832 3830->3829 3831->3832 3832->3786 3834 4035d6 3833->3834 3835 4034ac 3833->3835 3837 403033 36 API calls 3834->3837 3850 4035fd SetFilePointer 3835->3850 3838 4033a8 3837->3838 3838->3801 3846 4061f5 ReadFile 3838->3846 3839 4034b7 SetFilePointer 3840 4034dc 3839->3840 3840->3838 3841 4035e7 ReadFile 3840->3841 3843 403033 36 API calls 3840->3843 3844 406224 WriteFile 3840->3844 3845 4035b7 SetFilePointer 3840->3845 3851 406bf1 3840->3851 3841->3840 3843->3840 3844->3840 3845->3834 3847 4033c1 3846->3847 3847->3801 3847->3804 3849 406242 3848->3849 3849->3808 3850->3839 3852 406c16 3851->3852 3853 406c1e 3851->3853 3852->3840 3853->3852 3854 406ca5 GlobalFree 3853->3854 3855 406cae GlobalAlloc 3853->3855 3856 406d25 GlobalAlloc 3853->3856 3857 406d1c GlobalFree 3853->3857 3854->3855 3855->3852 3855->3853 3856->3852 3856->3853 3857->3856 3859 40403e 3858->3859 3875 4065c9 wsprintfW 3859->3875 3861 4040af 3862 4040e3 22 API calls 3861->3862 3864 4040b4 3862->3864 3863 403ddf 3863->3641 3864->3863 3865 4066bf 21 API calls 3864->3865 3865->3864 3867 40464d SendMessageW 3866->3867 3869 4057fd 3867->3869 3868 405824 3870 40464d SendMessageW 3868->3870 3869->3868 3872 401389 2 API calls 3869->3872 3871 405836 OleUninitialize 3870->3871 3871->3672 3872->3869 3873->3637 3874->3643 3875->3861 3876->3687 3878 406019 3877->3878 3879 40602b 3877->3879 3878->3879 3880 406026 CharNextW 3878->3880 3881 40604f 3879->3881 3882 405f7e CharNextW 3879->3882 3880->3881 3881->3690 3881->3691 3882->3879 3883->3720 3884->3736 3893 40614d GetFileAttributesW 3885->3893 3888 405d61 RemoveDirectoryW 3891 405d6f 3888->3891 3889 405d69 DeleteFileW 3889->3891 3890 405d73 3890->3740 3891->3890 3892 405d7f SetFileAttributesW 3891->3892 3892->3890 3894 405d52 3893->3894 3895 40615f SetFileAttributesW 3893->3895 3894->3888 3894->3889 3894->3890 3895->3894 3897 4062f8 3896->3897 3898 40631e GetShortPathNameW 3896->3898 3923 406172 GetFileAttributesW CreateFileW 3897->3923 3900 406333 3898->3900 3901 40643d 3898->3901 3900->3901 3903 40633b wsprintfA 3900->3903 3901->3752 3902 406302 CloseHandle GetShortPathNameW 3902->3901 3904 406316 3902->3904 3905 4066bf 21 API calls 3903->3905 3904->3898 3904->3901 3906 406363 3905->3906 3924 406172 GetFileAttributesW CreateFileW 3906->3924 3908 406370 3908->3901 3909 40637f GetFileSize GlobalAlloc 3908->3909 3910 4063a1 3909->3910 3911 406436 CloseHandle 3909->3911 3912 4061f5 ReadFile 3910->3912 3911->3901 3913 4063a9 3912->3913 3913->3911 3925 4060d7 lstrlenA 3913->3925 3916 4063c0 lstrcpyA 3919 4063e2 3916->3919 3917 4063d4 3918 4060d7 4 API calls 3917->3918 3918->3919 3920 406419 SetFilePointer 3919->3920 3921 406224 WriteFile 3920->3921 3922 40642f GlobalFree 3921->3922 3922->3911 3923->3902 3924->3908 3926 406118 lstrlenA 3925->3926 3927 4060f1 lstrcmpiA 3926->3927 3928 406120 3926->3928 3927->3928 3929 40610f CharNextA 3927->3929 3928->3916 3928->3917 3929->3926 3931 403ccd 3930->3931 3932 403c96 3931->3932 3933 403cd2 FreeLibrary GlobalFree 3931->3933 3932->3768 3933->3932 3933->3933 3934 4015c6 3935 402dab 21 API calls 3934->3935 3936 4015cd 3935->3936 3937 405ffc 4 API calls 3936->3937 3938 4015d6 3937->3938 3939 401636 3938->3939 3940 405f7e CharNextW 3938->3940 3946 405c30 2 API calls 3938->3946 3948 405c4d 5 API calls 3938->3948 3951 40161c GetFileAttributesW 3938->3951 3952 405bd6 2 API calls 3938->3952 3941 401668 3939->3941 3942 40163b 3939->3942 3940->3938 3944 401423 28 API calls 3941->3944 3953 401423 3942->3953 3950 401660 3944->3950 3946->3938 3948->3938 3949 40164f SetCurrentDirectoryW 3949->3950 3951->3938 3952->3938 3954 405707 28 API calls 3953->3954 3955 401431 3954->3955 3956 406682 lstrcpynW 3955->3956 3956->3949 3957 405846 3958 4059f0 3957->3958 3959 405867 GetDlgItem GetDlgItem GetDlgItem 3957->3959 3961 405a21 3958->3961 3962 4059f9 GetDlgItem CreateThread FindCloseChangeNotification 3958->3962 4002 404636 SendMessageW 3959->4002 3964 405a71 3961->3964 3965 405a38 ShowWindow ShowWindow 3961->3965 3966 405a4c 3961->3966 3962->3961 4005 4057da 5 API calls 3962->4005 3963 4058d7 3968 4058de GetClientRect GetSystemMetrics SendMessageW SendMessageW 3963->3968 3972 404668 8 API calls 3964->3972 4004 404636 SendMessageW 3965->4004 3967 405aac 3966->3967 3970 405a60 3966->3970 3971 405a86 ShowWindow 3966->3971 3967->3964 3975 405aba SendMessageW 3967->3975 3973 405930 SendMessageW SendMessageW 3968->3973 3974 40594c 3968->3974 3976 4045da SendMessageW 3970->3976 3978 405aa6 3971->3978 3979 405a98 3971->3979 3977 405a7f 3972->3977 3973->3974 3980 405951 SendMessageW 3974->3980 3981 40595f 3974->3981 3975->3977 3982 405ad3 CreatePopupMenu 3975->3982 3976->3964 3984 4045da SendMessageW 3978->3984 3983 405707 28 API calls 3979->3983 3980->3981 3986 404601 22 API calls 3981->3986 3985 4066bf 21 API calls 3982->3985 3983->3978 3984->3967 3987 405ae3 AppendMenuW 3985->3987 3988 40596f 3986->3988 3989 405b00 GetWindowRect 3987->3989 3990 405b13 TrackPopupMenu 3987->3990 3991 405978 ShowWindow 3988->3991 3992 4059ac GetDlgItem SendMessageW 3988->3992 3989->3990 3990->3977 3993 405b2e 3990->3993 3994 40599b 3991->3994 3995 40598e ShowWindow 3991->3995 3992->3977 3996 4059d3 SendMessageW SendMessageW 3992->3996 3997 405b4a SendMessageW 3993->3997 4003 404636 SendMessageW 3994->4003 3995->3994 3996->3977 3997->3997 3998 405b67 OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 3997->3998 4000 405b8c SendMessageW 3998->4000 4000->4000 4001 405bb5 GlobalUnlock SetClipboardData CloseClipboard 4000->4001 4001->3977 4002->3963 4003->3992 4004->3966 4333 404e48 4334 404e74 4333->4334 4335 404e58 4333->4335 4337 404ea7 4334->4337 4338 404e7a SHGetPathFromIDListW 4334->4338 4344 405cc6 GetDlgItemTextW 4335->4344 4340 404e91 SendMessageW 4338->4340 4341 404e8a 4338->4341 4339 404e65 SendMessageW 4339->4334 4340->4337 4342 40140b 2 API calls 4341->4342 4342->4340 4344->4339 4345 401c48 4346 402d89 21 API calls 4345->4346 4347 401c4f 4346->4347 4348 402d89 21 API calls 4347->4348 4349 401c5c 4348->4349 4350 401c71 4349->4350 4351 402dab 21 API calls 4349->4351 4352 401c81 4350->4352 4353 402dab 21 API calls 4350->4353 4351->4350 4354 401cd8 4352->4354 4355 401c8c 4352->4355 4353->4352 4356 402dab 21 API calls 4354->4356 4357 402d89 21 API calls 4355->4357 4358 401cdd 4356->4358 4359 401c91 4357->4359 4361 402dab 21 API calls 4358->4361 4360 402d89 21 API calls 4359->4360 4362 401c9d 4360->4362 4363 401ce6 FindWindowExW 4361->4363 4364 401cc8 SendMessageW 4362->4364 4365 401caa SendMessageTimeoutW 4362->4365 4366 401d08 4363->4366 4364->4366 4365->4366 4367 4028c9 4368 4028cf 4367->4368 4369 4028d7 FindClose 4368->4369 4370 402c2f 4368->4370 4369->4370 4034 4014cb 4035 405707 28 API calls 4034->4035 4036 4014d2 4035->4036 4371 4016d1 4372 402dab 21 API calls 4371->4372 4373 4016d7 GetFullPathNameW 4372->4373 4374 4016f1 4373->4374 4380 401713 4373->4380 4377 4069df 2 API calls 4374->4377 4374->4380 4375 401728 GetShortPathNameW 4376 402c2f 4375->4376 4378 401703 4377->4378 4378->4380 4381 406682 lstrcpynW 4378->4381 4380->4375 4380->4376 4381->4380 4382 401e53 GetDC 4383 402d89 21 API calls 4382->4383 4384 401e65 GetDeviceCaps MulDiv ReleaseDC 4383->4384 4385 402d89 21 API calls 4384->4385 4386 401e96 4385->4386 4387 4066bf 21 API calls 4386->4387 4388 401ed3 CreateFontIndirectW 4387->4388 4389 40263d 4388->4389 4390 402955 4391 402dab 21 API calls 4390->4391 4392 402961 4391->4392 4393 402977 4392->4393 4394 402dab 21 API calls 4392->4394 4395 40614d 2 API calls 4393->4395 4394->4393 4396 40297d 4395->4396 4418 406172 GetFileAttributesW CreateFileW 4396->4418 4398 40298a 4399 402a40 4398->4399 4400 4029a5 GlobalAlloc 4398->4400 4401 402a28 4398->4401 4402 402a47 DeleteFileW 4399->4402 4403 402a5a 4399->4403 4400->4401 4404 4029be 4400->4404 4405 403376 48 API calls 4401->4405 4402->4403 4419 4035fd SetFilePointer 4404->4419 4407 402a35 CloseHandle 4405->4407 4407->4399 4408 4029c4 4409 4035e7 ReadFile 4408->4409 4410 4029cd GlobalAlloc 4409->4410 4411 402a11 4410->4411 4412 4029dd 4410->4412 4413 406224 WriteFile 4411->4413 4414 403376 48 API calls 4412->4414 4415 402a1d GlobalFree 4413->4415 4417 4029ea 4414->4417 4415->4401 4416 402a08 GlobalFree 4416->4411 4417->4416 4418->4398 4419->4408 4434 4014d7 4435 402d89 21 API calls 4434->4435 4436 4014dd Sleep 4435->4436 4438 402c2f 4436->4438 4439 40195b 4440 402dab 21 API calls 4439->4440 4441 401962 lstrlenW 4440->4441 4442 40263d 4441->4442 4280 4020dd 4281 4020ef 4280->4281 4283 4021a1 4280->4283 4282 402dab 21 API calls 4281->4282 4285 4020f6 4282->4285 4284 401423 28 API calls 4283->4284 4290 4022fb 4284->4290 4286 402dab 21 API calls 4285->4286 4287 4020ff 4286->4287 4288 402115 LoadLibraryExW 4287->4288 4289 402107 GetModuleHandleW 4287->4289 4288->4283 4291 402126 4288->4291 4289->4288 4289->4291 4300 406ae5 4291->4300 4294 402170 4296 405707 28 API calls 4294->4296 4295 402137 4297 401423 28 API calls 4295->4297 4298 402147 4295->4298 4296->4298 4297->4298 4298->4290 4299 402193 FreeLibrary 4298->4299 4299->4290 4305 4066a4 WideCharToMultiByte 4300->4305 4302 406b02 4303 406b09 GetProcAddress 4302->4303 4304 402131 4302->4304 4303->4304 4304->4294 4304->4295 4305->4302 4450 402b5e 4451 402bb0 4450->4451 4452 402b65 4450->4452 4453 406a76 5 API calls 4451->4453 4455 402d89 21 API calls 4452->4455 4456 402bae 4452->4456 4454 402bb7 4453->4454 4457 402dab 21 API calls 4454->4457 4458 402b73 4455->4458 4459 402bc0 4457->4459 4460 402d89 21 API calls 4458->4460 4459->4456 4461 402bc4 IIDFromString 4459->4461 4463 402b7f 4460->4463 4461->4456 4462 402bd3 4461->4462 4462->4456 4468 406682 lstrcpynW 4462->4468 4467 4065c9 wsprintfW 4463->4467 4465 402bf0 CoTaskMemFree 4465->4456 4467->4456 4468->4465 4469 402a60 4470 402d89 21 API calls 4469->4470 4471 402a66 4470->4471 4472 402aa9 4471->4472 4473 402a8d 4471->4473 4481 402933 4471->4481 4474 402ac3 4472->4474 4475 402ab3 4472->4475 4476 402a92 4473->4476 4477 402aa3 4473->4477 4479 4066bf 21 API calls 4474->4479 4478 402d89 21 API calls 4475->4478 4483 406682 lstrcpynW 4476->4483 4477->4481 4484 4065c9 wsprintfW 4477->4484 4478->4477 4479->4477 4483->4481 4484->4481 3364 401761 3370 402dab 3364->3370 3368 40176f 3369 4061a1 2 API calls 3368->3369 3369->3368 3371 402db7 3370->3371 3372 4066bf 21 API calls 3371->3372 3373 402dd8 3372->3373 3374 401768 3373->3374 3375 406930 5 API calls 3373->3375 3376 4061a1 3374->3376 3375->3374 3377 4061ae GetTickCount GetTempFileNameW 3376->3377 3378 4061e8 3377->3378 3379 4061e4 3377->3379 3378->3368 3379->3377 3379->3378 4485 401d62 4486 402d89 21 API calls 4485->4486 4487 401d73 SetWindowLongW 4486->4487 4488 402c2f 4487->4488 3472 4028e3 3473 4028eb 3472->3473 3474 4028ef FindNextFileW 3473->3474 3477 402901 3473->3477 3475 402948 3474->3475 3474->3477 3478 406682 lstrcpynW 3475->3478 3478->3477 4489 401568 4490 402ba9 4489->4490 4493 4065c9 wsprintfW 4490->4493 4492 402bae 4493->4492 4501 40196d 4502 402d89 21 API calls 4501->4502 4503 401974 4502->4503 4504 402d89 21 API calls 4503->4504 4505 401981 4504->4505 4506 402dab 21 API calls 4505->4506 4507 401998 lstrlenW 4506->4507 4509 4019a9 4507->4509 4508 4019ea 4509->4508 4513 406682 lstrcpynW 4509->4513 4511 4019da 4511->4508 4512 4019df lstrlenW 4511->4512 4512->4508 4513->4511 4514 40506e GetDlgItem GetDlgItem 4515 4050c0 7 API calls 4514->4515 4528 4052e5 4514->4528 4516 405167 DeleteObject 4515->4516 4517 40515a SendMessageW 4515->4517 4518 405170 4516->4518 4517->4516 4520 4051a7 4518->4520 4522 4066bf 21 API calls 4518->4522 4519 4053c7 4521 405473 4519->4521 4531 405420 SendMessageW 4519->4531 4554 4052d8 4519->4554 4523 404601 22 API calls 4520->4523 4526 405485 4521->4526 4527 40547d SendMessageW 4521->4527 4529 405189 SendMessageW SendMessageW 4522->4529 4524 4051bb 4523->4524 4530 404601 22 API calls 4524->4530 4525 405354 4525->4519 4532 4053b9 SendMessageW 4525->4532 4534 4054ae 4526->4534 4540 405497 ImageList_Destroy 4526->4540 4541 40549e 4526->4541 4527->4526 4528->4519 4528->4525 4568 404fbc SendMessageW 4528->4568 4529->4518 4536 4051cc 4530->4536 4538 405435 SendMessageW 4531->4538 4531->4554 4532->4519 4533 404668 8 API calls 4539 405674 4533->4539 4537 405628 4534->4537 4561 4054e9 4534->4561 4573 40503c 4534->4573 4543 4052a7 GetWindowLongW SetWindowLongW 4536->4543 4550 40521f SendMessageW 4536->4550 4552 4052a2 4536->4552 4555 405271 SendMessageW 4536->4555 4556 40525d SendMessageW 4536->4556 4544 40563a ShowWindow GetDlgItem ShowWindow 4537->4544 4537->4554 4546 405448 4538->4546 4540->4541 4541->4534 4542 4054a7 GlobalFree 4541->4542 4542->4534 4545 4052c0 4543->4545 4544->4554 4547 4052c5 ShowWindow 4545->4547 4548 4052dd 4545->4548 4551 405459 SendMessageW 4546->4551 4566 404636 SendMessageW 4547->4566 4567 404636 SendMessageW 4548->4567 4550->4536 4551->4521 4552->4543 4552->4545 4554->4533 4555->4536 4556->4536 4558 4055f3 4559 4055fe InvalidateRect 4558->4559 4562 40560a 4558->4562 4559->4562 4560 405517 SendMessageW 4565 40552d 4560->4565 4561->4560 4561->4565 4562->4537 4563 404f77 24 API calls 4562->4563 4563->4537 4564 4055a1 SendMessageW SendMessageW 4564->4565 4565->4558 4565->4564 4566->4554 4567->4528 4569 40501b SendMessageW 4568->4569 4570 404fdf GetMessagePos ScreenToClient SendMessageW 4568->4570 4571 405013 4569->4571 4570->4571 4572 405018 4570->4572 4571->4525 4572->4569 4582 406682 lstrcpynW 4573->4582 4575 40504f 4583 4065c9 wsprintfW 4575->4583 4577 405059 4578 40140b 2 API calls 4577->4578 4579 405062 4578->4579 4584 406682 lstrcpynW 4579->4584 4581 405069 4581->4561 4582->4575 4583->4577 4584->4581 4585 40166f 4586 402dab 21 API calls 4585->4586 4587 401675 4586->4587 4588 4069df 2 API calls 4587->4588 4589 40167b 4588->4589 4590 402af0 4591 402d89 21 API calls 4590->4591 4592 402af6 4591->4592 4593 402933 4592->4593 4594 4066bf 21 API calls 4592->4594 4594->4593 4595 404771 lstrlenW 4596 404790 4595->4596 4597 404792 WideCharToMultiByte 4595->4597 4596->4597 4598 4026f1 4599 402d89 21 API calls 4598->4599 4607 402700 4599->4607 4600 40283d 4601 40274a ReadFile 4601->4600 4601->4607 4602 4061f5 ReadFile 4602->4607 4603 406253 5 API calls 4603->4607 4604 40278a MultiByteToWideChar 4604->4607 4605 40283f 4611 4065c9 wsprintfW 4605->4611 4607->4600 4607->4601 4607->4602 4607->4603 4607->4604 4607->4605 4608 4027b0 SetFilePointer MultiByteToWideChar 4607->4608 4609 402850 4607->4609 4608->4607 4609->4600 4610 402871 SetFilePointer 4609->4610 4610->4600 4611->4600 4118 404af2 4119 404b1e 4118->4119 4120 404b2f 4118->4120 4198 405cc6 GetDlgItemTextW 4119->4198 4121 404b3b GetDlgItem 4120->4121 4128 404ba7 4120->4128 4123 404b4f 4121->4123 4127 404b63 SetWindowTextW 4123->4127 4132 405ffc 4 API calls 4123->4132 4124 404c7e 4129 404e2d 4124->4129 4185 405cc6 GetDlgItemTextW 4124->4185 4125 404b29 4126 406930 5 API calls 4125->4126 4126->4120 4135 404601 22 API calls 4127->4135 4128->4124 4128->4129 4133 4066bf 21 API calls 4128->4133 4131 404668 8 API calls 4129->4131 4136 404e41 4131->4136 4137 404b59 4132->4137 4138 404c0e SHBrowseForFolderW 4133->4138 4134 404cae 4139 406059 18 API calls 4134->4139 4140 404b7f 4135->4140 4137->4127 4144 405f51 3 API calls 4137->4144 4138->4124 4141 404c26 CoTaskMemFree 4138->4141 4142 404cb4 4139->4142 4143 404601 22 API calls 4140->4143 4145 405f51 3 API calls 4141->4145 4186 406682 lstrcpynW 4142->4186 4146 404b8d 4143->4146 4144->4127 4147 404c33 4145->4147 4184 404636 SendMessageW 4146->4184 4152 404c6a SetDlgItemTextW 4147->4152 4155 4066bf 21 API calls 4147->4155 4150 404ccb 4153 406a76 5 API calls 4150->4153 4151 404b93 4154 406a76 5 API calls 4151->4154 4152->4124 4163 404cd2 4153->4163 4156 404b9a 4154->4156 4157 404c52 lstrcmpiW 4155->4157 4156->4129 4159 404ba2 SHAutoComplete 4156->4159 4157->4152 4160 404c63 lstrcatW 4157->4160 4158 404d13 4199 406682 lstrcpynW 4158->4199 4159->4128 4160->4152 4161 404ce1 GetDiskFreeSpaceExW 4161->4163 4171 404d6b 4161->4171 4163->4158 4163->4161 4166 405f9d 2 API calls 4163->4166 4164 404d1a 4165 405ffc 4 API calls 4164->4165 4167 404d20 4165->4167 4166->4163 4168 404d26 4167->4168 4169 404d29 GetDiskFreeSpaceW 4167->4169 4168->4169 4170 404d44 MulDiv 4169->4170 4169->4171 4170->4171 4172 404ddc 4171->4172 4187 404f77 4171->4187 4173 404dff 4172->4173 4175 40140b 2 API calls 4172->4175 4200 404623 KiUserCallbackDispatcher 4173->4200 4175->4173 4178 404dde SetDlgItemTextW 4178->4172 4179 404dce 4190 404eae 4179->4190 4181 404e1b 4181->4129 4182 404e28 4181->4182 4183 404a4b SendMessageW 4182->4183 4183->4129 4184->4151 4185->4134 4186->4150 4188 404eae 24 API calls 4187->4188 4189 404dc9 4188->4189 4189->4178 4189->4179 4191 404ec7 4190->4191 4192 4066bf 21 API calls 4191->4192 4193 404f2b 4192->4193 4194 4066bf 21 API calls 4193->4194 4195 404f36 4194->4195 4196 4066bf 21 API calls 4195->4196 4197 404f4c lstrlenW wsprintfW SetDlgItemTextW 4196->4197 4197->4172 4198->4125 4199->4164 4200->4181 4201 401774 4202 402dab 21 API calls 4201->4202 4203 40177b 4202->4203 4204 4017a3 4203->4204 4205 40179b 4203->4205 4241 406682 lstrcpynW 4204->4241 4240 406682 lstrcpynW 4205->4240 4208 4017a1 4212 406930 5 API calls 4208->4212 4209 4017ae 4210 405f51 3 API calls 4209->4210 4211 4017b4 lstrcatW 4210->4211 4211->4208 4226 4017c0 4212->4226 4213 4069df 2 API calls 4213->4226 4214 40614d 2 API calls 4214->4226 4216 4017d2 CompareFileTime 4216->4226 4217 401892 4218 405707 28 API calls 4217->4218 4221 40189c 4218->4221 4219 405707 28 API calls 4222 40187e 4219->4222 4220 406682 lstrcpynW 4220->4226 4223 403376 48 API calls 4221->4223 4224 4018af 4223->4224 4225 4018c3 SetFileTime 4224->4225 4227 4018d5 FindCloseChangeNotification 4224->4227 4225->4227 4226->4213 4226->4214 4226->4216 4226->4217 4226->4220 4228 4066bf 21 API calls 4226->4228 4234 405ce2 MessageBoxIndirectW 4226->4234 4237 401869 4226->4237 4239 406172 GetFileAttributesW CreateFileW 4226->4239 4227->4222 4229 4018e6 4227->4229 4228->4226 4230 4018eb 4229->4230 4231 4018fe 4229->4231 4232 4066bf 21 API calls 4230->4232 4233 4066bf 21 API calls 4231->4233 4235 4018f3 lstrcatW 4232->4235 4236 401906 4233->4236 4234->4226 4235->4236 4238 405ce2 MessageBoxIndirectW 4236->4238 4237->4219 4237->4222 4238->4222 4239->4226 4240->4208 4241->4209 4612 4014f5 SetForegroundWindow 4613 402c2f 4612->4613 4614 401a77 4615 402d89 21 API calls 4614->4615 4616 401a80 4615->4616 4617 402d89 21 API calls 4616->4617 4618 401a25 4617->4618 4619 401578 4620 401591 4619->4620 4621 401588 ShowWindow 4619->4621 4622 402c2f 4620->4622 4623 40159f ShowWindow 4620->4623 4621->4620 4623->4622 4624 4023f9 4625 402dab 21 API calls 4624->4625 4626 402408 4625->4626 4627 402dab 21 API calls 4626->4627 4628 402411 4627->4628 4629 402dab 21 API calls 4628->4629 4630 40241b GetPrivateProfileStringW 4629->4630 4631 40567b 4632 40568b 4631->4632 4633 40569f 4631->4633 4635 405691 4632->4635 4636 4056e8 4632->4636 4634 4056a7 IsWindowVisible 4633->4634 4642 4056be 4633->4642 4634->4636 4637 4056b4 4634->4637 4639 40464d SendMessageW 4635->4639 4638 4056ed CallWindowProcW 4636->4638 4640 404fbc 5 API calls 4637->4640 4641 40569b 4638->4641 4639->4641 4640->4642 4642->4638 4643 40503c 4 API calls 4642->4643 4643->4636 4644 401ffb 4645 402dab 21 API calls 4644->4645 4646 402002 4645->4646 4647 4069df 2 API calls 4646->4647 4648 402008 4647->4648 4650 402019 4648->4650 4651 4065c9 wsprintfW 4648->4651 4651->4650 4652 401b7c 4653 402dab 21 API calls 4652->4653 4654 401b83 4653->4654 4655 402d89 21 API calls 4654->4655 4656 401b8c wsprintfW 4655->4656 4657 402c2f 4656->4657 4658 401000 4659 401037 BeginPaint GetClientRect 4658->4659 4660 40100c DefWindowProcW 4658->4660 4662 4010f3 4659->4662 4663 401179 4660->4663 4664 401073 CreateBrushIndirect FillRect DeleteObject 4662->4664 4665 4010fc 4662->4665 4664->4662 4666 401102 CreateFontIndirectW 4665->4666 4667 401167 EndPaint 4665->4667 4666->4667 4668 401112 6 API calls 4666->4668 4667->4663 4668->4667 4669 401680 4670 402dab 21 API calls 4669->4670 4671 401687 4670->4671 4672 402dab 21 API calls 4671->4672 4673 401690 4672->4673 4674 402dab 21 API calls 4673->4674 4675 401699 MoveFileW 4674->4675 4676 4016a5 4675->4676 4677 4016ac 4675->4677 4678 401423 28 API calls 4676->4678 4679 4069df 2 API calls 4677->4679 4681 4022fb 4677->4681 4678->4681 4680 4016bb 4679->4680 4680->4681 4682 406442 40 API calls 4680->4682 4682->4676 3380 404102 3381 40411a 3380->3381 3382 40427b 3380->3382 3381->3382 3383 404126 3381->3383 3384 4042cc 3382->3384 3385 40428c GetDlgItem GetDlgItem 3382->3385 3387 404131 SetWindowPos 3383->3387 3388 404144 3383->3388 3386 404326 3384->3386 3394 401389 2 API calls 3384->3394 3389 404601 22 API calls 3385->3389 3407 404276 3386->3407 3453 40464d 3386->3453 3387->3388 3391 40414d ShowWindow 3388->3391 3392 40418f 3388->3392 3393 4042b6 SetClassLongW 3389->3393 3395 404268 3391->3395 3396 40416d GetWindowLongW 3391->3396 3397 404197 DestroyWindow 3392->3397 3398 4041ae 3392->3398 3399 40140b 2 API calls 3393->3399 3402 4042fe 3394->3402 3403 404668 8 API calls 3395->3403 3396->3395 3404 404186 ShowWindow 3396->3404 3452 40458a 3397->3452 3400 4041b3 SetWindowLongW 3398->3400 3401 4041c4 3398->3401 3399->3384 3400->3407 3401->3395 3405 4041d0 GetDlgItem 3401->3405 3402->3386 3406 404302 SendMessageW 3402->3406 3403->3407 3404->3392 3410 4041e1 SendMessageW IsWindowEnabled 3405->3410 3411 4041fe 3405->3411 3406->3407 3408 40140b 2 API calls 3419 404338 3408->3419 3409 40458c DestroyWindow EndDialog 3409->3452 3410->3407 3410->3411 3414 40420b 3411->3414 3416 404252 SendMessageW 3411->3416 3417 40421e 3411->3417 3426 404203 3411->3426 3412 4045bb ShowWindow 3412->3407 3413 4066bf 21 API calls 3413->3419 3414->3416 3414->3426 3416->3395 3420 404226 3417->3420 3421 40423b 3417->3421 3418 404239 3418->3395 3419->3407 3419->3408 3419->3409 3419->3413 3422 404601 22 API calls 3419->3422 3427 404601 22 API calls 3419->3427 3443 4044cc DestroyWindow 3419->3443 3466 40140b 3420->3466 3423 40140b 2 API calls 3421->3423 3422->3419 3425 404242 3423->3425 3425->3395 3425->3426 3469 4045da 3426->3469 3428 4043b3 GetDlgItem 3427->3428 3429 4043d0 ShowWindow KiUserCallbackDispatcher 3428->3429 3430 4043c8 3428->3430 3456 404623 KiUserCallbackDispatcher 3429->3456 3430->3429 3432 4043fa KiUserCallbackDispatcher 3437 40440e 3432->3437 3433 404413 GetSystemMenu EnableMenuItem SendMessageW 3434 404443 SendMessageW 3433->3434 3433->3437 3434->3437 3437->3433 3457 404636 SendMessageW 3437->3457 3458 4040e3 3437->3458 3461 406682 lstrcpynW 3437->3461 3439 404472 lstrlenW 3440 4066bf 21 API calls 3439->3440 3441 404488 SetWindowTextW 3440->3441 3462 401389 3441->3462 3444 4044e6 CreateDialogParamW 3443->3444 3443->3452 3445 404519 3444->3445 3444->3452 3446 404601 22 API calls 3445->3446 3447 404524 GetDlgItem GetWindowRect ScreenToClient SetWindowPos 3446->3447 3448 401389 2 API calls 3447->3448 3449 40456a 3448->3449 3449->3407 3450 404572 ShowWindow 3449->3450 3451 40464d SendMessageW 3450->3451 3451->3452 3452->3407 3452->3412 3454 404665 3453->3454 3455 404656 SendMessageW 3453->3455 3454->3419 3455->3454 3456->3432 3457->3437 3459 4066bf 21 API calls 3458->3459 3460 4040f1 SetWindowTextW 3459->3460 3460->3437 3461->3439 3463 401390 3462->3463 3464 4013fe 3463->3464 3465 4013cb MulDiv SendMessageW 3463->3465 3464->3419 3465->3463 3467 401389 2 API calls 3466->3467 3468 401420 3467->3468 3468->3426 3470 4045e1 3469->3470 3471 4045e7 SendMessageW 3469->3471 3470->3471 3471->3418 4683 401503 4684 401508 4683->4684 4686 401520 4683->4686 4685 402d89 21 API calls 4684->4685 4685->4686 4687 401a04 4688 402dab 21 API calls 4687->4688 4689 401a0b 4688->4689 4690 402dab 21 API calls 4689->4690 4691 401a14 4690->4691 4692 401a1b lstrcmpiW 4691->4692 4693 401a2d lstrcmpW 4691->4693 4694 401a21 4692->4694 4693->4694 4695 402304 4696 402dab 21 API calls 4695->4696 4697 40230a 4696->4697 4698 402dab 21 API calls 4697->4698 4699 402313 4698->4699 4700 402dab 21 API calls 4699->4700 4701 40231c 4700->4701 4702 4069df 2 API calls 4701->4702 4703 402325 4702->4703 4704 402336 lstrlenW lstrlenW 4703->4704 4708 402329 4703->4708 4706 405707 28 API calls 4704->4706 4705 405707 28 API calls 4709 402331 4705->4709 4707 402374 SHFileOperationW 4706->4707 4707->4708 4707->4709 4708->4705 4708->4709 4717 401d86 4718 401d99 GetDlgItem 4717->4718 4719 401d8c 4717->4719 4721 401d93 4718->4721 4720 402d89 21 API calls 4719->4720 4720->4721 4722 401dda GetClientRect LoadImageW SendMessageW 4721->4722 4723 402dab 21 API calls 4721->4723 4725 401e38 4722->4725 4727 401e44 4722->4727 4723->4722 4726 401e3d DeleteObject 4725->4726 4725->4727 4726->4727 4728 402388 4729 40238f 4728->4729 4730 4023a2 4728->4730 4731 4066bf 21 API calls 4729->4731 4732 40239c 4731->4732 4733 405ce2 MessageBoxIndirectW 4732->4733 4733->4730 4734 402c0a SendMessageW 4735 402c24 InvalidateRect 4734->4735 4736 402c2f 4734->4736 4735->4736 4037 40248f 4038 402dab 21 API calls 4037->4038 4039 4024a1 4038->4039 4040 402dab 21 API calls 4039->4040 4041 4024ab 4040->4041 4054 402e3b 4041->4054 4044 4024e3 4047 402d89 21 API calls 4044->4047 4050 4024ef 4044->4050 4045 402933 4046 402dab 21 API calls 4049 4024d9 lstrlenW 4046->4049 4047->4050 4048 40250e RegSetValueExW 4052 402524 RegCloseKey 4048->4052 4049->4044 4050->4048 4051 403376 48 API calls 4050->4051 4051->4048 4052->4045 4055 402e56 4054->4055 4058 40651d 4055->4058 4059 40652c 4058->4059 4060 4024bb 4059->4060 4061 406537 RegCreateKeyExW 4059->4061 4060->4044 4060->4045 4060->4046 4061->4060 4108 402910 4109 402dab 21 API calls 4108->4109 4110 402917 FindFirstFileW 4109->4110 4111 40293f 4110->4111 4115 40292a 4110->4115 4116 4065c9 wsprintfW 4111->4116 4113 402948 4117 406682 lstrcpynW 4113->4117 4116->4113 4117->4115 4737 401911 4738 401948 4737->4738 4739 402dab 21 API calls 4738->4739 4740 40194d 4739->4740 4741 405d8e 71 API calls 4740->4741 4742 401956 4741->4742 4743 401491 4744 405707 28 API calls 4743->4744 4745 401498 4744->4745 4746 403d12 4747 403d1d 4746->4747 4748 403d21 4747->4748 4749 403d24 GlobalAlloc 4747->4749 4749->4748 4757 401914 4758 402dab 21 API calls 4757->4758 4759 40191b 4758->4759 4760 405ce2 MessageBoxIndirectW 4759->4760 4761 401924 4760->4761 4242 402896 4243 40289d 4242->4243 4245 402bae 4242->4245 4244 402d89 21 API calls 4243->4244 4246 4028a4 4244->4246 4247 4028b3 SetFilePointer 4246->4247 4247->4245 4248 4028c3 4247->4248 4250 4065c9 wsprintfW 4248->4250 4250->4245 4762 401f17 4763 402dab 21 API calls 4762->4763 4764 401f1d 4763->4764 4765 402dab 21 API calls 4764->4765 4766 401f26 4765->4766 4767 402dab 21 API calls 4766->4767 4768 401f2f 4767->4768 4769 402dab 21 API calls 4768->4769 4770 401f38 4769->4770 4771 401423 28 API calls 4770->4771 4772 401f3f 4771->4772 4779 405ca8 ShellExecuteExW 4772->4779 4774 401f87 4775 406b21 5 API calls 4774->4775 4776 402933 4774->4776 4777 401fa4 CloseHandle 4775->4777 4777->4776 4779->4774 4780 402f98 4781 402fc3 4780->4781 4782 402faa SetTimer 4780->4782 4783 403011 4781->4783 4784 403017 MulDiv 4781->4784 4782->4781 4785 402fd1 wsprintfW SetWindowTextW SetDlgItemTextW 4784->4785 4785->4783 4787 401d1c 4788 402d89 21 API calls 4787->4788 4789 401d22 IsWindow 4788->4789 4790 401a25 4789->4790 4791 40149e 4792 4023a2 4791->4792 4793 4014ac PostQuitMessage 4791->4793 4793->4792 3337 401ba0 3338 401bf1 3337->3338 3343 401bad 3337->3343 3339 401c1b GlobalAlloc 3338->3339 3340 401bf6 3338->3340 3341 4066bf 21 API calls 3339->3341 3347 4023a2 3340->3347 3358 406682 lstrcpynW 3340->3358 3345 401c36 3341->3345 3342 4066bf 21 API calls 3346 40239c 3342->3346 3343->3345 3348 401bc4 3343->3348 3345->3342 3345->3347 3359 405ce2 3346->3359 3356 406682 lstrcpynW 3348->3356 3349 401c08 GlobalFree 3349->3347 3351 401bd3 3357 406682 lstrcpynW 3351->3357 3354 401be2 3363 406682 lstrcpynW 3354->3363 3356->3351 3357->3354 3358->3349 3360 405cf7 3359->3360 3361 405d43 3360->3361 3362 405d0b MessageBoxIndirectW 3360->3362 3361->3347 3362->3361 3363->3347 4794 406da0 4796 406c24 4794->4796 4795 40758f 4796->4795 4797 406ca5 GlobalFree 4796->4797 4798 406cae GlobalAlloc 4796->4798 4799 406d25 GlobalAlloc 4796->4799 4800 406d1c GlobalFree 4796->4800 4797->4798 4798->4795 4798->4796 4799->4795 4799->4796 4800->4799 4801 402621 4802 402dab 21 API calls 4801->4802 4803 402628 4802->4803 4806 406172 GetFileAttributesW CreateFileW 4803->4806 4805 402634 4806->4805 3479 4025a3 3490 402deb 3479->3490 3483 4025b6 3484 4025d2 RegEnumKeyW 3483->3484 3485 4025de RegEnumValueW 3483->3485 3488 402933 3483->3488 3486 4025fa RegCloseKey 3484->3486 3485->3486 3487 4025f3 3485->3487 3486->3488 3487->3486 3491 402dab 21 API calls 3490->3491 3492 402e02 3491->3492 3493 4064ef RegOpenKeyExW 3492->3493 3494 4025ad 3493->3494 3495 402d89 3494->3495 3496 4066bf 21 API calls 3495->3496 3497 402d9e 3496->3497 3497->3483 4012 405ca8 ShellExecuteExW 4807 4015a8 4808 402dab 21 API calls 4807->4808 4809 4015af SetFileAttributesW 4808->4809 4810 4015c1 4809->4810 4013 401fa9 4014 402dab 21 API calls 4013->4014 4015 401faf 4014->4015 4016 405707 28 API calls 4015->4016 4017 401fb9 4016->4017 4018 405c65 2 API calls 4017->4018 4019 401fbf 4018->4019 4022 402933 4019->4022 4027 401fe2 CloseHandle 4019->4027 4028 406b21 WaitForSingleObject 4019->4028 4023 401fd4 4024 401fe4 4023->4024 4025 401fd9 4023->4025 4024->4027 4033 4065c9 wsprintfW 4025->4033 4027->4022 4029 406b3b 4028->4029 4030 406b4d GetExitCodeProcess 4029->4030 4031 406ab2 2 API calls 4029->4031 4030->4023 4032 406b42 WaitForSingleObject 4031->4032 4032->4029 4033->4027 4818 404aab 4819 404ae1 4818->4819 4820 404abb 4818->4820 4822 404668 8 API calls 4819->4822 4821 404601 22 API calls 4820->4821 4823 404ac8 SetDlgItemTextW 4821->4823 4824 404aed 4822->4824 4823->4819 4062 40202f 4063 402dab 21 API calls 4062->4063 4064 402036 4063->4064 4065 406a76 5 API calls 4064->4065 4066 402045 GetFileVersionInfoSizeW 4065->4066 4067 402061 GlobalAlloc 4066->4067 4069 4020d1 4066->4069 4068 402075 4067->4068 4067->4069 4070 406a76 5 API calls 4068->4070 4071 40207c 4070->4071 4072 406a76 5 API calls 4071->4072 4073 402086 GetFileVersionInfoW 4072->4073 4073->4069 4074 402098 4073->4074 4074->4069 4078 4065c9 wsprintfW 4074->4078 4076 4020bf 4079 4065c9 wsprintfW 4076->4079 4078->4076 4079->4069 4080 4021af 4081 402dab 21 API calls 4080->4081 4082 4021b6 4081->4082 4083 402dab 21 API calls 4082->4083 4084 4021c0 4083->4084 4085 402dab 21 API calls 4084->4085 4086 4021ca 4085->4086 4087 402dab 21 API calls 4086->4087 4088 4021d4 4087->4088 4089 402dab 21 API calls 4088->4089 4090 4021de 4089->4090 4091 40221d CoCreateInstance 4090->4091 4092 402dab 21 API calls 4090->4092 4093 40223c 4091->4093 4092->4091 4094 401423 28 API calls 4093->4094 4095 4022fb 4093->4095 4094->4095 4096 40252f 4097 402deb 21 API calls 4096->4097 4098 402539 4097->4098 4099 402dab 21 API calls 4098->4099 4100 402542 4099->4100 4101 40254d RegQueryValueExW 4100->4101 4102 402933 4100->4102 4103 402573 RegCloseKey 4101->4103 4104 40256d 4101->4104 4103->4102 4104->4103 4107 4065c9 wsprintfW 4104->4107 4107->4103 4825 401a35 4826 402dab 21 API calls 4825->4826 4827 401a3e ExpandEnvironmentStringsW 4826->4827 4828 401a52 4827->4828 4830 401a65 4827->4830 4829 401a57 lstrcmpW 4828->4829 4828->4830 4829->4830 4831 404737 lstrcpynW lstrlenW 4837 4023b7 4838 4023c5 4837->4838 4839 4023bf 4837->4839 4841 4023d3 4838->4841 4842 402dab 21 API calls 4838->4842 4840 402dab 21 API calls 4839->4840 4840->4838 4843 4023e1 4841->4843 4844 402dab 21 API calls 4841->4844 4842->4841 4845 402dab 21 API calls 4843->4845 4844->4843 4846 4023ea WritePrivateProfileStringW 4845->4846 4847 4014b8 4848 4014be 4847->4848 4849 401389 2 API calls 4848->4849 4850 4014c6 4849->4850 4251 402439 4252 402441 4251->4252 4253 40246c 4251->4253 4254 402deb 21 API calls 4252->4254 4255 402dab 21 API calls 4253->4255 4256 402448 4254->4256 4257 402473 4255->4257 4258 402452 4256->4258 4261 402480 4256->4261 4263 402e69 4257->4263 4260 402dab 21 API calls 4258->4260 4262 402459 RegDeleteValueW RegCloseKey 4260->4262 4262->4261 4264 402e76 4263->4264 4265 402e7d 4263->4265 4264->4261 4265->4264 4267 402eae 4265->4267 4268 4064ef RegOpenKeyExW 4267->4268 4270 402edc 4268->4270 4269 402f86 4269->4264 4270->4269 4271 402eec RegEnumValueW 4270->4271 4275 402f0f 4270->4275 4272 402f76 RegCloseKey 4271->4272 4271->4275 4272->4269 4273 402f4b RegEnumKeyW 4274 402f54 RegCloseKey 4273->4274 4273->4275 4276 406a76 5 API calls 4274->4276 4275->4272 4275->4273 4275->4274 4277 402eae 6 API calls 4275->4277 4278 402f64 4276->4278 4277->4275 4278->4269 4279 402f68 RegDeleteKeyW 4278->4279 4279->4269 4851 40173a 4852 402dab 21 API calls 4851->4852 4853 401741 SearchPathW 4852->4853 4854 40175c 4853->4854 4855 401d3d 4856 402d89 21 API calls 4855->4856 4857 401d44 4856->4857 4858 402d89 21 API calls 4857->4858 4859 401d50 GetDlgItem 4858->4859 4860 40263d 4859->4860 4861 40703f 4865 406c24 4861->4865 4862 40758f 4863 406ca5 GlobalFree 4864 406cae GlobalAlloc 4863->4864 4864->4862 4864->4865 4865->4862 4865->4863 4865->4864 4865->4865 4866 406d25 GlobalAlloc 4865->4866 4867 406d1c GlobalFree 4865->4867 4866->4862 4866->4865 4867->4866

                                                                                                                                                                                                                                                                                                                                    Executed Functions

                                                                                                                                                                                                                                                                                                                                    Function 00403645 Relevance: 88.0, APIs: 32, Strings: 18, Instructions: 464stringfilecomCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 0 403645-403697 SetErrorMode GetVersionExW 1 4036d1-4036d6 0->1 2 403699-4036c9 GetVersionExW 0->2 3 4036d8 1->3 4 4036de-403720 1->4 2->1 3->4 5 403722-40372a call 406a76 4->5 6 403733 4->6 5->6 11 40372c 5->11 8 403738-40374c call 406a06 lstrlenA 6->8 13 40374e-40376a call 406a76 * 3 8->13 11->6 20 40377b-4037df #17 OleInitialize SHGetFileInfoW call 406682 GetCommandLineW call 406682 13->20 21 40376c-403772 13->21 28 4037e1-4037e3 20->28 29 4037e8-4037fc call 405f7e CharNextW 20->29 21->20 25 403774 21->25 25->20 28->29 32 4038f7-4038fd 29->32 33 403801-403807 32->33 34 403903 32->34 35 403810-403817 33->35 36 403809-40380e 33->36 37 403917-403931 GetTempPathW call 403614 34->37 38 403819-40381e 35->38 39 40381f-403823 35->39 36->35 36->36 47 403933-403951 GetWindowsDirectoryW lstrcatW call 403614 37->47 48 403989-4039a3 DeleteFileW call 4030d5 37->48 38->39 41 4038e4-4038f3 call 405f7e 39->41 42 403829-40382f 39->42 41->32 59 4038f5-4038f6 41->59 45 403831-403838 42->45 46 403849-403882 42->46 52 40383a-40383d 45->52 53 40383f 45->53 54 403884-403889 46->54 55 40389f-4038d9 46->55 47->48 62 403953-403983 GetTempPathW lstrcatW SetEnvironmentVariableW * 2 call 403614 47->62 64 403b90-403ba0 call 403c62 OleUninitialize 48->64 65 4039a9-4039af 48->65 52->46 52->53 53->46 54->55 61 40388b-403893 54->61 57 4038e1-4038e3 55->57 58 4038db-4038df 55->58 57->41 58->57 63 403905-403912 call 406682 58->63 59->32 66 403895-403898 61->66 67 40389a 61->67 62->48 62->64 63->37 77 403ba2-403bb2 call 405ce2 ExitProcess 64->77 78 403bc6-403bcc 64->78 70 4039b5-4039c0 call 405f7e 65->70 71 403a48-403a4f call 403d54 65->71 66->55 66->67 67->55 82 4039c2-4039f7 70->82 83 403a0e-403a18 70->83 80 403a54-403a58 71->80 84 403c4a-403c52 78->84 85 403bce-403be4 GetCurrentProcess OpenProcessToken 78->85 80->64 91 4039f9-4039fd 82->91 86 403a1a-403a28 call 406059 83->86 87 403a5d-403a83 call 405c4d lstrlenW call 406682 83->87 88 403c54 84->88 89 403c58-403c5c ExitProcess 84->89 92 403be6-403c14 LookupPrivilegeValueW AdjustTokenPrivileges 85->92 93 403c1a-403c28 call 406a76 85->93 86->64 106 403a2e-403a44 call 406682 * 2 86->106 110 403a94-403aac 87->110 111 403a85-403a8f call 406682 87->111 88->89 97 403a06-403a0a 91->97 98 4039ff-403a04 91->98 92->93 104 403c36-403c41 ExitWindowsEx 93->104 105 403c2a-403c34 93->105 97->91 99 403a0c 97->99 98->97 98->99 99->83 104->84 108 403c43-403c45 call 40140b 104->108 105->104 105->108 106->71 108->84 116 403ab1-403ab5 110->116 111->110 118 403aba-403ae4 wsprintfW call 4066bf 116->118 122 403ae6-403aeb call 405bd6 118->122 123 403aed call 405c30 118->123 127 403af2-403af4 122->127 123->127 128 403b30-403b4f SetCurrentDirectoryW call 406442 CopyFileW 127->128 129 403af6-403b00 GetFileAttributesW 127->129 137 403b51-403b72 call 406442 call 4066bf call 405c65 128->137 138 403b8e 128->138 130 403b21-403b2c 129->130 131 403b02-403b0b DeleteFileW 129->131 130->116 134 403b2e 130->134 131->130 133 403b0d-403b1f call 405d8e 131->133 133->118 133->130 134->64 146 403b74-403b7e 137->146 147 403bb8-403bc4 CloseHandle 137->147 138->64 146->138 148 403b80-403b88 call 4069df 146->148 147->138 148->118 148->138
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SetErrorMode.KERNEL32 ref: 00403668
                                                                                                                                                                                                                                                                                                                                    • GetVersionExW.KERNEL32(?,?,?,?,?,?,?,?), ref: 00403693
                                                                                                                                                                                                                                                                                                                                    • GetVersionExW.KERNEL32(?,?,?,?,?,?,?,?,?), ref: 004036A6
                                                                                                                                                                                                                                                                                                                                    • lstrlenA.KERNEL32(UXTHEME,UXTHEME,?,?,?,?,?,?,?,?), ref: 0040373F
                                                                                                                                                                                                                                                                                                                                    • #17.COMCTL32(?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 0040377C
                                                                                                                                                                                                                                                                                                                                    • OleInitialize.OLE32(00000000), ref: 00403783
                                                                                                                                                                                                                                                                                                                                    • SHGetFileInfoW.SHELL32(00420F08,00000000,?,000002B4,00000000), ref: 004037A2
                                                                                                                                                                                                                                                                                                                                    • GetCommandLineW.KERNEL32(00428A60,NSIS Error,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 004037B7
                                                                                                                                                                                                                                                                                                                                    • CharNextW.USER32(00000000,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" ,00000020,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" ,00000000,?,00000008,0000000A,0000000C), ref: 004037F0
                                                                                                                                                                                                                                                                                                                                    • GetTempPathW.KERNEL32(00000400,C:\Users\user~1\AppData\Local\Temp\,00000000,00008001,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403928
                                                                                                                                                                                                                                                                                                                                    • GetWindowsDirectoryW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,000003FB,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403939
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,\Temp), ref: 00403945
                                                                                                                                                                                                                                                                                                                                    • GetTempPathW.KERNEL32(000003FC,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,\Temp,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403959
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,Low), ref: 00403961
                                                                                                                                                                                                                                                                                                                                    • SetEnvironmentVariableW.KERNEL32(TEMP,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,Low,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403972
                                                                                                                                                                                                                                                                                                                                    • SetEnvironmentVariableW.KERNEL32(TMP,C:\Users\user~1\AppData\Local\Temp\,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 0040397A
                                                                                                                                                                                                                                                                                                                                    • DeleteFileW.KERNEL32(1033,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 0040398E
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" ,00000000,?,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403A67
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406682: lstrcpynW.KERNEL32(?,?,00000400,004037B7,00428A60,NSIS Error,?,00000008,0000000A,0000000C), ref: 0040668F
                                                                                                                                                                                                                                                                                                                                    • wsprintfW.USER32 ref: 00403AC4
                                                                                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNEL32(0042C800,C:\Users\user~1\AppData\Local\Temp\), ref: 00403AF7
                                                                                                                                                                                                                                                                                                                                    • DeleteFileW.KERNEL32(0042C800), ref: 00403B03
                                                                                                                                                                                                                                                                                                                                    • SetCurrentDirectoryW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\), ref: 00403B31
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406442: MoveFileExW.KERNEL32(?,?,00000005,00405F40,?,00000000,000000F1,?,?,?,?,?), ref: 0040644C
                                                                                                                                                                                                                                                                                                                                    • CopyFileW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe,0042C800,00000001,C:\Users\user~1\AppData\Local\Temp\,00000000), ref: 00403B47
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405C65: CreateProcessW.KERNEL32(00000000,0042C800,00000000,00000000,00000000,04000000,00000000,00000000,00425F50,?,?,?,0042C800,?), ref: 00405C8E
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405C65: CloseHandle.KERNEL32(?,?,?,0042C800,?), ref: 00405C9B
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004069DF: FindFirstFileW.KERNEL32(771B3420,00425F98,C:\,004060A2,C:\,C:\,00000000,C:\,C:\,771B3420,?,771B2EE0,00405DAE,?,771B3420,771B2EE0), ref: 004069EA
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004069DF: FindClose.KERNEL32(00000000), ref: 004069F6
                                                                                                                                                                                                                                                                                                                                    • OleUninitialize.OLE32(?,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403B95
                                                                                                                                                                                                                                                                                                                                    • ExitProcess.KERNEL32 ref: 00403BB2
                                                                                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,0042D000,0042D000,?,0042C800,00000000), ref: 00403BB9
                                                                                                                                                                                                                                                                                                                                    • GetCurrentProcess.KERNEL32(00000028,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403BD5
                                                                                                                                                                                                                                                                                                                                    • OpenProcessToken.ADVAPI32(00000000,?,?,?,?,?,?,?,?), ref: 00403BDC
                                                                                                                                                                                                                                                                                                                                    • LookupPrivilegeValueW.ADVAPI32(00000000,SeShutdownPrivilege,?), ref: 00403BF1
                                                                                                                                                                                                                                                                                                                                    • AdjustTokenPrivileges.ADVAPI32(?,00000000,?,00000000,00000000,00000000,?,?,?,?,?,?,?,?), ref: 00403C14
                                                                                                                                                                                                                                                                                                                                    • ExitWindowsEx.USER32(00000002,80040002), ref: 00403C39
                                                                                                                                                                                                                                                                                                                                    • ExitProcess.KERNEL32 ref: 00403C5C
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405C30: CreateDirectoryW.KERNEL32(?,00000000,00403638,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,0040392F,?,00000008,0000000A,0000000C), ref: 00405C36
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: File$Process$CloseDirectoryExit$CreateCurrentDeleteEnvironmentFindHandlePathTempTokenVariableVersionWindowslstrcatlstrlen$AdjustAttributesCharCommandCopyErrorFirstInfoInitializeLineLookupModeMoveNextOpenPrivilegePrivilegesUninitializeValuelstrcpynwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" $0x00004858$1033$C:\Users\user~1\AppData\Local\Temp\$C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp$C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe$C:\Users\user\AppData\Local\Programs\Fiddler$C:\Users\user\AppData\Local\Programs\Fiddler$Error launching installer$Error writing temporary file. Make sure your temp folder is valid.$Low$NSIS Error$SeShutdownPrivilege$TEMP$TMP$UXTHEME$\Temp$~nsu%X.tmp
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1813718867-742881722
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: aa3ac17b1a5b491486917875c76550572755d9afddd5d170a5e16e74ef3293cc
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: d2a3103bd0adf94391fd0ebfa47e937d37e61a7cc597b22c14a72094b2238e17
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: aa3ac17b1a5b491486917875c76550572755d9afddd5d170a5e16e74ef3293cc
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 4CF1E531604300AAD320AF759D05B2B7EE8AB8570AF11483FF585B22D1DB7C9A41CB6E
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405D8E Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 148filestringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 662 405d8e-405db4 call 406059 665 405db6-405dc8 DeleteFileW 662->665 666 405dcd-405dd4 662->666 667 405f4a-405f4e 665->667 668 405dd6-405dd8 666->668 669 405de7-405df7 call 406682 666->669 670 405ef8-405efd 668->670 671 405dde-405de1 668->671 677 405e06-405e07 call 405f9d 669->677 678 405df9-405e04 lstrcatW 669->678 670->667 673 405eff-405f02 670->673 671->669 671->670 675 405f04-405f0a 673->675 676 405f0c-405f14 call 4069df 673->676 675->667 676->667 686 405f16-405f2a call 405f51 call 405d46 676->686 679 405e0c-405e10 677->679 678->679 682 405e12-405e1a 679->682 683 405e1c-405e22 lstrcatW 679->683 682->683 685 405e27-405e43 lstrlenW FindFirstFileW 682->685 683->685 687 405e49-405e51 685->687 688 405eed-405ef1 685->688 702 405f42-405f45 call 405707 686->702 703 405f2c-405f2f 686->703 691 405e71-405e85 call 406682 687->691 692 405e53-405e5b 687->692 688->670 690 405ef3 688->690 690->670 704 405e87-405e8f 691->704 705 405e9c-405ea7 call 405d46 691->705 694 405ed0-405ee0 FindNextFileW 692->694 695 405e5d-405e65 692->695 694->687 701 405ee6-405ee7 FindClose 694->701 695->691 698 405e67-405e6f 695->698 698->691 698->694 701->688 702->667 703->675 708 405f31-405f40 call 405707 call 406442 703->708 704->694 709 405e91-405e9a call 405d8e 704->709 714 405ec8-405ecb call 405707 705->714 715 405ea9-405eac 705->715 708->667 709->694 714->694 718 405ec0-405ec6 715->718 719 405eae-405ebe call 405707 call 406442 715->719 718->694 719->694
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • DeleteFileW.KERNEL32(?,?,771B3420,771B2EE0,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" ), ref: 00405DB7
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler 4.lnk,\*.*), ref: 00405DFF
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(?,0040A014), ref: 00405E22
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(?,?,0040A014,?,C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler 4.lnk,?,?,771B3420,771B2EE0,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" ), ref: 00405E28
                                                                                                                                                                                                                                                                                                                                    • FindFirstFileW.KERNEL32(C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler 4.lnk,?,?,?,0040A014,?,C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler 4.lnk,?,?,771B3420,771B2EE0,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" ), ref: 00405E38
                                                                                                                                                                                                                                                                                                                                    • FindNextFileW.KERNEL32(00000000,00000010,000000F2,?,?,?,?,0000002E), ref: 00405ED8
                                                                                                                                                                                                                                                                                                                                    • FindClose.KERNEL32(00000000), ref: 00405EE7
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: FileFind$lstrcat$CloseDeleteFirstNextlstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" $C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler 4.lnk$\*.*
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2035342205-999970197
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 5bbbe9736573e0873f2e1386b99e889a7b8e3f986854e9af084b80f90e64b115
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 5ad7ae4105776224b4bb644c15053e07d5ebc7bd6c5330578b1f64027da07968
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 5bbbe9736573e0873f2e1386b99e889a7b8e3f986854e9af084b80f90e64b115
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 6F41D330400A15AACB21AB65CC49BBF7678EF41718F24417FF895B11C1D77C4A82DEAE
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406DA0 Relevance: 5.4, APIs: 4, Instructions: 382COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 3ef02b19721ac815a4354a2b384e5822db0a29b40c19b0eeafe3a712687496ea
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 5203db86b2e08fd3ebfde089d8ff8c44169432d1db75552ad8ea7513f2b1afa9
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 3ef02b19721ac815a4354a2b384e5822db0a29b40c19b0eeafe3a712687496ea
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 64F16570D04229CBDF28CFA8C8946ADBBB1FF44305F25856ED856BB281D7385A86CF45
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004069DF Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 14fileCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • FindFirstFileW.KERNEL32(771B3420,00425F98,C:\,004060A2,C:\,C:\,00000000,C:\,C:\,771B3420,?,771B2EE0,00405DAE,?,771B3420,771B2EE0), ref: 004069EA
                                                                                                                                                                                                                                                                                                                                    • FindClose.KERNEL32(00000000), ref: 004069F6
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Find$CloseFileFirst
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2295610775-3404278061
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 5aa02b152b1bdaa4a45d264aeb005cec44e37fe5ecd5a9a233d7a39d055da6f3
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 87b64c9cece2c57c139ea7904c9da033401fae8fb112df8880c97ca139bbac6e
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 5aa02b152b1bdaa4a45d264aeb005cec44e37fe5ecd5a9a233d7a39d055da6f3
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: EBD012716096205BD64067386E0C94B7A589F16331722CA36F06BF21E0D7348C628A9C
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00402910 Relevance: 1.5, APIs: 1, Instructions: 30fileCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • FindFirstFileW.KERNEL32(00000000,?,00000002), ref: 0040291F
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: FileFindFirst
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1974802433-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 5f40b9c168098cd7c08605d36f5ba7f449bc57889a4c1abe0db35f31e7ccfb05
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: f0d7266373870d470beff65cac24d35b4a218527411e0b80208e5fb1e93adf0c
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 5f40b9c168098cd7c08605d36f5ba7f449bc57889a4c1abe0db35f31e7ccfb05
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 28F08271A04104AED701EBE4ED499AEB378EF14314F60057BE111F31E0D7B84E059B19
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405846 Relevance: 66.8, APIs: 36, Strings: 2, Instructions: 284windowclipboardmemoryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 151 405846-405861 152 4059f0-4059f7 151->152 153 405867-40592e GetDlgItem * 3 call 404636 call 404f8f GetClientRect GetSystemMetrics SendMessageW * 2 151->153 155 405a21-405a2e 152->155 156 4059f9-405a1b GetDlgItem CreateThread FindCloseChangeNotification 152->156 171 405930-40594a SendMessageW * 2 153->171 172 40594c-40594f 153->172 157 405a30-405a36 155->157 158 405a4c-405a56 155->158 156->155 160 405a71-405a7a call 404668 157->160 161 405a38-405a47 ShowWindow * 2 call 404636 157->161 162 405a58-405a5e 158->162 163 405aac-405ab0 158->163 175 405a7f-405a83 160->175 161->158 168 405a60-405a6c call 4045da 162->168 169 405a86-405a96 ShowWindow 162->169 163->160 166 405ab2-405ab8 163->166 166->160 173 405aba-405acd SendMessageW 166->173 168->160 176 405aa6-405aa7 call 4045da 169->176 177 405a98-405aa1 call 405707 169->177 171->172 178 405951-40595d SendMessageW 172->178 179 40595f-405976 call 404601 172->179 180 405ad3-405afe CreatePopupMenu call 4066bf AppendMenuW 173->180 181 405bcf-405bd1 173->181 176->163 177->176 178->179 190 405978-40598c ShowWindow 179->190 191 4059ac-4059cd GetDlgItem SendMessageW 179->191 188 405b00-405b10 GetWindowRect 180->188 189 405b13-405b28 TrackPopupMenu 180->189 181->175 188->189 189->181 192 405b2e-405b45 189->192 193 40599b 190->193 194 40598e-405999 ShowWindow 190->194 191->181 195 4059d3-4059eb SendMessageW * 2 191->195 196 405b4a-405b65 SendMessageW 192->196 197 4059a1-4059a7 call 404636 193->197 194->197 195->181 196->196 198 405b67-405b8a OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 196->198 197->191 200 405b8c-405bb3 SendMessageW 198->200 200->200 201 405bb5-405bc9 GlobalUnlock SetClipboardData CloseClipboard 200->201 201->181
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,00000403), ref: 004058A4
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003EE), ref: 004058B3
                                                                                                                                                                                                                                                                                                                                    • GetClientRect.USER32(?,?), ref: 004058F0
                                                                                                                                                                                                                                                                                                                                    • GetSystemMetrics.USER32(00000002), ref: 004058F7
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001061,00000000,?), ref: 00405918
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001036,00004000,00004000), ref: 00405929
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001001,00000000,00000110), ref: 0040593C
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001026,00000000,00000110), ref: 0040594A
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001024,00000000,?), ref: 0040595D
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(00000000,?,0000001B,000000FF), ref: 0040597F
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(?,00000008), ref: 00405993
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003EC), ref: 004059B4
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00000401,00000000,75300000), ref: 004059C4
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00000409,00000000,?), ref: 004059DD
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00002001,00000000,00000110), ref: 004059E9
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003F8), ref: 004058C2
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00404636: SendMessageW.USER32(00000028,?,00000001,00404461), ref: 00404644
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003EC), ref: 00405A06
                                                                                                                                                                                                                                                                                                                                    • CreateThread.KERNEL32(00000000,00000000,Function_000057DA,00000000), ref: 00405A14
                                                                                                                                                                                                                                                                                                                                    • FindCloseChangeNotification.KERNEL32(00000000), ref: 00405A1B
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(00000000), ref: 00405A3F
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(?,00000008), ref: 00405A44
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(00000008), ref: 00405A8E
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405AC2
                                                                                                                                                                                                                                                                                                                                    • CreatePopupMenu.USER32 ref: 00405AD3
                                                                                                                                                                                                                                                                                                                                    • AppendMenuW.USER32(00000000,00000000,00000001,00000000), ref: 00405AE7
                                                                                                                                                                                                                                                                                                                                    • GetWindowRect.USER32(?,?), ref: 00405B07
                                                                                                                                                                                                                                                                                                                                    • TrackPopupMenu.USER32(00000000,00000180,?,?,00000000,?,00000000), ref: 00405B20
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001073,00000000,?), ref: 00405B58
                                                                                                                                                                                                                                                                                                                                    • OpenClipboard.USER32(00000000), ref: 00405B68
                                                                                                                                                                                                                                                                                                                                    • EmptyClipboard.USER32 ref: 00405B6E
                                                                                                                                                                                                                                                                                                                                    • GlobalAlloc.KERNEL32(00000042,00000000), ref: 00405B7A
                                                                                                                                                                                                                                                                                                                                    • GlobalLock.KERNEL32(00000000), ref: 00405B84
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001073,00000000,?), ref: 00405B98
                                                                                                                                                                                                                                                                                                                                    • GlobalUnlock.KERNEL32(00000000), ref: 00405BB8
                                                                                                                                                                                                                                                                                                                                    • SetClipboardData.USER32(0000000D,00000000), ref: 00405BC3
                                                                                                                                                                                                                                                                                                                                    • CloseClipboard.USER32 ref: 00405BC9
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend$Window$ItemShow$Clipboard$GlobalMenu$CloseCreatePopupRect$AllocAppendChangeClientDataEmptyFindLockMetricsNotificationOpenSystemThreadTrackUnlock
                                                                                                                                                                                                                                                                                                                                    • String ID: H/B${
                                                                                                                                                                                                                                                                                                                                    • API String ID: 4154960007-332483393
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 4ad71a5ae84d1442ca64332f301171ed24ad3ca4da0b040a8c0bb5ec3df77bcf
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 1bfd88ad0a039f30930ce625e3f17186fc56f4394c79b8c388f8475f2b475093
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 4ad71a5ae84d1442ca64332f301171ed24ad3ca4da0b040a8c0bb5ec3df77bcf
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: A7B127B1900608FFDB21AF60DD85DAE7B79FB44354F00413AFA41A61A0CB795E52DF68
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00404102 Relevance: 61.6, APIs: 34, Strings: 1, Instructions: 357windowstringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 202 404102-404114 203 40411a-404120 202->203 204 40427b-40428a 202->204 203->204 205 404126-40412f 203->205 206 4042d9-4042ee 204->206 207 40428c-4042d4 GetDlgItem * 2 call 404601 SetClassLongW call 40140b 204->207 210 404131-40413e SetWindowPos 205->210 211 404144-40414b 205->211 208 4042f0-4042f3 206->208 209 40432e-404333 call 40464d 206->209 207->206 213 4042f5-404300 call 401389 208->213 214 404326-404328 208->214 221 404338-404353 209->221 210->211 216 40414d-404167 ShowWindow 211->216 217 40418f-404195 211->217 213->214 238 404302-404321 SendMessageW 213->238 214->209 220 4045ce 214->220 222 404268-404276 call 404668 216->222 223 40416d-404180 GetWindowLongW 216->223 224 404197-4041a9 DestroyWindow 217->224 225 4041ae-4041b1 217->225 227 4045d0-4045d7 220->227 234 404355-404357 call 40140b 221->234 235 40435c-404362 221->235 222->227 223->222 236 404186-404189 ShowWindow 223->236 228 4045ab-4045b1 224->228 230 4041b3-4041bf SetWindowLongW 225->230 231 4041c4-4041ca 225->231 228->220 241 4045b3-4045b9 228->241 230->227 231->222 237 4041d0-4041df GetDlgItem 231->237 234->235 242 404368-404373 235->242 243 40458c-4045a5 DestroyWindow EndDialog 235->243 236->217 244 4041e1-4041f8 SendMessageW IsWindowEnabled 237->244 245 4041fe-404201 237->245 238->227 241->220 246 4045bb-4045c4 ShowWindow 241->246 242->243 247 404379-4043c6 call 4066bf call 404601 * 3 GetDlgItem 242->247 243->228 244->220 244->245 249 404203-404204 245->249 250 404206-404209 245->250 246->220 274 4043d0-40440c ShowWindow KiUserCallbackDispatcher call 404623 KiUserCallbackDispatcher 247->274 275 4043c8-4043cd 247->275 252 404234-404239 call 4045da 249->252 253 404217-40421c 250->253 254 40420b-404211 250->254 252->222 257 404252-404262 SendMessageW 253->257 259 40421e-404224 253->259 254->257 258 404213-404215 254->258 257->222 258->252 262 404226-40422c call 40140b 259->262 263 40423b-404244 call 40140b 259->263 272 404232 262->272 263->222 271 404246-404250 263->271 271->272 272->252 278 404411 274->278 279 40440e-40440f 274->279 275->274 280 404413-404441 GetSystemMenu EnableMenuItem SendMessageW 278->280 279->280 281 404443-404454 SendMessageW 280->281 282 404456 280->282 283 40445c-40449b call 404636 call 4040e3 call 406682 lstrlenW call 4066bf SetWindowTextW call 401389 281->283 282->283 283->221 294 4044a1-4044a3 283->294 294->221 295 4044a9-4044ad 294->295 296 4044cc-4044e0 DestroyWindow 295->296 297 4044af-4044b5 295->297 296->228 298 4044e6-404513 CreateDialogParamW 296->298 297->220 299 4044bb-4044c1 297->299 298->228 301 404519-404570 call 404601 GetDlgItem GetWindowRect ScreenToClient SetWindowPos call 401389 298->301 299->221 300 4044c7 299->300 300->220 301->220 306 404572-404585 ShowWindow call 40464d 301->306 308 40458a 306->308 308->228
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000013), ref: 0040413E
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(?), ref: 0040415E
                                                                                                                                                                                                                                                                                                                                    • GetWindowLongW.USER32(?,000000F0), ref: 00404170
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(?,00000004), ref: 00404189
                                                                                                                                                                                                                                                                                                                                    • DestroyWindow.USER32 ref: 0040419D
                                                                                                                                                                                                                                                                                                                                    • SetWindowLongW.USER32(?,00000000,00000000), ref: 004041B6
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,?), ref: 004041D5
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,000000F3,00000000,00000000), ref: 004041E9
                                                                                                                                                                                                                                                                                                                                    • IsWindowEnabled.USER32(00000000), ref: 004041F0
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,00000001), ref: 0040429B
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,00000002), ref: 004042A5
                                                                                                                                                                                                                                                                                                                                    • SetClassLongW.USER32(?,000000F2,?), ref: 004042BF
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(0000040F,00000000,00000001,?), ref: 00404310
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,00000003), ref: 004043B6
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(00000000,?), ref: 004043D7
                                                                                                                                                                                                                                                                                                                                    • KiUserCallbackDispatcher.NTDLL(?,?), ref: 004043E9
                                                                                                                                                                                                                                                                                                                                    • KiUserCallbackDispatcher.NTDLL(?,?), ref: 00404404
                                                                                                                                                                                                                                                                                                                                    • GetSystemMenu.USER32(?,00000000,0000F060,00000001), ref: 0040441A
                                                                                                                                                                                                                                                                                                                                    • EnableMenuItem.USER32(00000000), ref: 00404421
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,000000F4,00000000,00000001), ref: 00404439
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000401,00000002,00000000), ref: 0040444C
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(00422F48,?,00422F48,00000000), ref: 00404476
                                                                                                                                                                                                                                                                                                                                    • SetWindowTextW.USER32(?,00422F48), ref: 0040448A
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(?,0000000A), ref: 004045BE
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Window$Item$MessageSendShow$Long$CallbackDispatcherMenuUser$ClassDestroyEnableEnabledSystemTextlstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: H/B
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3964124867-184950203
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 6713c34f0db6ca24ad0fd02f4a6c26255f157c0ea2add66a7142b4456e47287b
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: f8b0abefa6079376cca3afd4ac47b8e6787ccd0873a3a79b8952b84eeba681b3
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6713c34f0db6ca24ad0fd02f4a6c26255f157c0ea2add66a7142b4456e47287b
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 91C1CFB1600204BBDB316F61EE85A2B7AB8EB85345F41053EF741B25F0CB795842DB2D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00403D54 Relevance: 47.5, APIs: 13, Strings: 14, Instructions: 215stringregistryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 309 403d54-403d6c call 406a76 312 403d80-403db7 call 406550 309->312 313 403d6e-403d7e call 4065c9 309->313 318 403db9-403dca call 406550 312->318 319 403dcf-403dd5 lstrcatW 312->319 322 403dda-403e03 call 40402a call 406059 313->322 318->319 319->322 327 403e95-403e9d call 406059 322->327 328 403e09-403e0e 322->328 334 403eab-403ed0 LoadImageW 327->334 335 403e9f-403ea6 call 4066bf 327->335 328->327 329 403e14-403e2e call 406550 328->329 333 403e33-403e3c 329->333 333->327 336 403e3e-403e42 333->336 338 403f51-403f59 call 40140b 334->338 339 403ed2-403f02 RegisterClassW 334->339 335->334 340 403e54-403e60 lstrlenW 336->340 341 403e44-403e51 call 405f7e 336->341 350 403f63-403f6e call 40402a 338->350 351 403f5b-403f5e 338->351 342 404020 339->342 343 403f08-403f4c SystemParametersInfoW CreateWindowExW 339->343 347 403e62-403e70 lstrcmpiW 340->347 348 403e88-403e90 call 405f51 call 406682 340->348 341->340 346 404022-404029 342->346 343->338 347->348 354 403e72-403e7c GetFileAttributesW 347->354 348->327 362 403f74-403f8e ShowWindow call 406a06 350->362 363 403ff7-403ff8 call 4057da 350->363 351->346 357 403e82-403e83 call 405f9d 354->357 358 403e7e-403e80 354->358 357->348 358->348 358->357 370 403f90-403f95 call 406a06 362->370 371 403f9a-403fac GetClassInfoW 362->371 366 403ffd-403fff 363->366 368 404001-404007 366->368 369 404019-40401b call 40140b 366->369 368->351 372 40400d-404014 call 40140b 368->372 369->342 370->371 375 403fc4-403fe7 DialogBoxParamW call 40140b 371->375 376 403fae-403fbe GetClassInfoW RegisterClassW 371->376 372->351 380 403fec-403ff5 call 403ca4 375->380 376->375 380->346
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406A76: GetModuleHandleA.KERNEL32(?,00000020,?,00403755,0000000C,?,?,?,?,?,?,?,?), ref: 00406A88
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406A76: GetProcAddress.KERNEL32(00000000,?), ref: 00406AA3
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(1033,00422F48), ref: 00403DD5
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(: Completed,?,?,?,: Completed,00000000,C:\Users\user\AppData\Local\Programs\Fiddler,1033,00422F48,80000001,Control Panel\Desktop\ResourceLocale,00000000,00422F48,00000000,00000002,771B3420), ref: 00403E55
                                                                                                                                                                                                                                                                                                                                    • lstrcmpiW.KERNEL32(?,.exe,: Completed,?,?,?,: Completed,00000000,C:\Users\user\AppData\Local\Programs\Fiddler,1033,00422F48,80000001,Control Panel\Desktop\ResourceLocale,00000000,00422F48,00000000), ref: 00403E68
                                                                                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNEL32(: Completed), ref: 00403E73
                                                                                                                                                                                                                                                                                                                                    • LoadImageW.USER32(00000067,00000001,00000000,00000000,00008040,C:\Users\user\AppData\Local\Programs\Fiddler), ref: 00403EBC
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004065C9: wsprintfW.USER32 ref: 004065D6
                                                                                                                                                                                                                                                                                                                                    • RegisterClassW.USER32(00428A00), ref: 00403EF9
                                                                                                                                                                                                                                                                                                                                    • SystemParametersInfoW.USER32(00000030,00000000,?,00000000), ref: 00403F11
                                                                                                                                                                                                                                                                                                                                    • CreateWindowExW.USER32(00000080,_Nb,00000000,80000000,?,?,?,?,00000000,00000000,00000000), ref: 00403F46
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(00000005,00000000), ref: 00403F7C
                                                                                                                                                                                                                                                                                                                                    • GetClassInfoW.USER32(00000000,RichEdit20W,00428A00), ref: 00403FA8
                                                                                                                                                                                                                                                                                                                                    • GetClassInfoW.USER32(00000000,RichEdit,00428A00), ref: 00403FB5
                                                                                                                                                                                                                                                                                                                                    • RegisterClassW.USER32(00428A00), ref: 00403FBE
                                                                                                                                                                                                                                                                                                                                    • DialogBoxParamW.USER32(?,00000000,00404102,00000000), ref: 00403FDD
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Class$Info$RegisterWindow$AddressAttributesCreateDialogFileHandleImageLoadModuleParamParametersProcShowSystemlstrcatlstrcmpilstrlenwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" $.DEFAULT\Control Panel\International$.exe$1033$: Completed$C:\Users\user~1\AppData\Local\Temp\$C:\Users\user\AppData\Local\Programs\Fiddler$Control Panel\Desktop\ResourceLocale$H/B$RichEd20$RichEd32$RichEdit$RichEdit20W$_Nb
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1975747703-3903938248
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: f58a3f60cd534a6ea1f25196c590d3f1d1b6097ae1227b2c7b01b60ac743f1f7
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 33830a549d8bd1c9ff3d4095a28b7d5feb3a0022977f60bfd4e6bbc11b1c7dcb
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: f58a3f60cd534a6ea1f25196c590d3f1d1b6097ae1227b2c7b01b60ac743f1f7
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 4661D570200741BAD620AB669E46F2B3A7CEB84709F41453FFA45B61E2DF795902CB2D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004047C0 Relevance: 38.7, APIs: 19, Strings: 3, Instructions: 204windowstringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 383 4047c0-4047d2 384 4048f2-4048ff 383->384 385 4047d8-4047e0 383->385 386 404901-40490a 384->386 387 40495c-404960 384->387 388 4047e2-4047f1 385->388 389 4047f3-404817 385->389 392 404910-404916 386->392 393 404a35 386->393 390 404a26-404a2d 387->390 391 404966-40497e GetDlgItem 387->391 388->389 394 404820-40489b call 404601 * 2 CheckDlgButton call 404623 GetDlgItem call 404636 SendMessageW 389->394 395 404819 389->395 390->393 401 404a2f 390->401 397 404980-404987 391->397 398 4049e7-4049ee 391->398 392->393 399 40491c-404927 392->399 396 404a38-404a3f call 404668 393->396 425 4048a6-4048ed SendMessageW * 2 lstrlenW SendMessageW * 2 394->425 426 40489d-4048a0 GetSysColor 394->426 395->394 407 404a44-404a48 396->407 397->398 403 404989-4049a4 397->403 398->396 404 4049f0-4049f7 398->404 399->393 405 40492d-404957 GetDlgItem SendMessageW call 404623 call 404a4b 399->405 401->393 403->398 408 4049a6-4049e4 SendMessageW LoadCursorW SetCursor call 404a6f LoadCursorW SetCursor 403->408 404->396 409 4049f9-4049fd 404->409 405->387 408->398 414 404a0f-404a13 409->414 415 4049ff-404a0d SendMessageW 409->415 419 404a21-404a24 414->419 420 404a15-404a1f SendMessageW 414->420 415->414 419->407 420->419 425->407 426->425
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CheckDlgButton.USER32(?,-0000040A,00000001), ref: 0040485E
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003E8), ref: 00404872
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,0000045B,00000001,00000000), ref: 0040488F
                                                                                                                                                                                                                                                                                                                                    • GetSysColor.USER32(?), ref: 004048A0
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00000443,00000000,?), ref: 004048AE
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00000445,00000000,04010000), ref: 004048BC
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(?), ref: 004048C1
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00000435,00000000,00000000), ref: 004048CE
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00000449,00000110,00000110), ref: 004048E3
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,0000040A), ref: 0040493C
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000), ref: 00404943
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003E8), ref: 0040496E
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,0000044B,00000000,00000201), ref: 004049B1
                                                                                                                                                                                                                                                                                                                                    • LoadCursorW.USER32(00000000,00007F02), ref: 004049BF
                                                                                                                                                                                                                                                                                                                                    • SetCursor.USER32(00000000), ref: 004049C2
                                                                                                                                                                                                                                                                                                                                    • LoadCursorW.USER32(00000000,00007F00), ref: 004049DB
                                                                                                                                                                                                                                                                                                                                    • SetCursor.USER32(00000000), ref: 004049DE
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000111,00000001,00000000), ref: 00404A0D
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000010,00000000,00000000), ref: 00404A1F
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend$Cursor$Item$Load$ButtonCheckColorlstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: 7G@$: Completed$N
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3103080414-1841378378
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: b6dc2905c6216746abb3c0cd17d9c39e8b2e61a9098f8b336cb1d1698ee7a258
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: cd0ff63a31a53d86839c1a5ce07a34679cc09665db384d3569e6db54912acae5
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b6dc2905c6216746abb3c0cd17d9c39e8b2e61a9098f8b336cb1d1698ee7a258
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 9061B0B1A40209BFDB10AF64CD85EAA7B69FB84305F00843AF605B72D0D779AD51CF98
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00404AF2 Relevance: 31.8, APIs: 12, Strings: 6, Instructions: 275stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 427 404af2-404b1c 428 404b1e-404b2a call 405cc6 call 406930 427->428 429 404b2f-404b39 427->429 428->429 430 404ba7-404bae 429->430 431 404b3b-404b51 GetDlgItem call 405fc8 429->431 434 404bb4-404bbd 430->434 435 404c85-404c8c 430->435 443 404b63-404b9c SetWindowTextW call 404601 * 2 call 404636 call 406a76 431->443 444 404b53-404b5b call 405ffc 431->444 439 404bd7-404bdc 434->439 440 404bbf-404bca 434->440 441 404c9b-404cb6 call 405cc6 call 406059 435->441 442 404c8e-404c95 435->442 439->435 447 404be2-404c24 call 4066bf SHBrowseForFolderW 439->447 445 404bd0 440->445 446 404e33-404e45 call 404668 440->446 466 404cb8 441->466 467 404cbf-404cd7 call 406682 call 406a76 441->467 442->441 442->446 443->446 485 404ba2-404ba5 SHAutoComplete 443->485 444->443 459 404b5d-404b5e call 405f51 444->459 445->439 460 404c26-404c40 CoTaskMemFree call 405f51 447->460 461 404c7e 447->461 459->443 474 404c42-404c48 460->474 475 404c6a-404c7c SetDlgItemTextW 460->475 461->435 466->467 483 404d13-404d24 call 406682 call 405ffc 467->483 484 404cd9-404cdf 467->484 474->475 476 404c4a-404c61 call 4066bf lstrcmpiW 474->476 475->435 476->475 486 404c63-404c65 lstrcatW 476->486 501 404d26 483->501 502 404d29-404d42 GetDiskFreeSpaceW 483->502 484->483 487 404ce1-404cf3 GetDiskFreeSpaceExW 484->487 485->430 486->475 489 404cf5-404cf7 487->489 490 404d6b-404d85 487->490 493 404cf9 489->493 494 404cfc-404d11 call 405f9d 489->494 492 404d87 490->492 496 404d8c-404d96 call 404f8f 492->496 493->494 494->483 494->487 505 404db1-404dba 496->505 506 404d98-404d9f 496->506 501->502 502->492 503 404d44-404d69 MulDiv 502->503 503->496 508 404dec-404df6 505->508 509 404dbc-404dcc call 404f77 505->509 506->505 507 404da1 506->507 512 404da3-404da8 507->512 513 404daa 507->513 510 404e02-404e08 508->510 511 404df8-404dff call 40140b 508->511 521 404dde-404de7 SetDlgItemTextW 509->521 522 404dce-404dd7 call 404eae 509->522 516 404e0a 510->516 517 404e0d-404e1e call 404623 510->517 511->510 512->505 512->513 513->505 516->517 526 404e20-404e26 517->526 527 404e2d 517->527 521->508 525 404ddc 522->525 525->508 526->527 528 404e28 call 404a4b 526->528 527->446 528->527
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003FB), ref: 00404B41
                                                                                                                                                                                                                                                                                                                                    • SetWindowTextW.USER32(00000000,?), ref: 00404B6B
                                                                                                                                                                                                                                                                                                                                    • SHAutoComplete.SHLWAPI(00000000,00000001,00000009,00000000,?,00000014,?,?,00000001,?), ref: 00404BA5
                                                                                                                                                                                                                                                                                                                                    • SHBrowseForFolderW.SHELL32(?), ref: 00404C1C
                                                                                                                                                                                                                                                                                                                                    • CoTaskMemFree.OLE32(00000000), ref: 00404C27
                                                                                                                                                                                                                                                                                                                                    • lstrcmpiW.KERNEL32(: Completed,00422F48,00000000,?,?), ref: 00404C59
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(?,: Completed), ref: 00404C65
                                                                                                                                                                                                                                                                                                                                    • SetDlgItemTextW.USER32(?,000003FB,?), ref: 00404C77
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405CC6: GetDlgItemTextW.USER32(?,?,00000400,00404CAE), ref: 00405CD9
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406930: CharNextW.USER32(?,*?|<>/":,00000000,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" ,771B3420,C:\Users\user~1\AppData\Local\Temp\,00000000,00403620,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,0040392F,?,00000008,0000000A,0000000C), ref: 00406993
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406930: CharNextW.USER32(?,?,?,00000000,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 004069A2
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406930: CharNextW.USER32(?,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" ,771B3420,C:\Users\user~1\AppData\Local\Temp\,00000000,00403620,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,0040392F,?,00000008,0000000A,0000000C), ref: 004069A7
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406930: CharPrevW.USER32(?,?,771B3420,C:\Users\user~1\AppData\Local\Temp\,00000000,00403620,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,0040392F,?,00000008,0000000A,0000000C), ref: 004069BA
                                                                                                                                                                                                                                                                                                                                    • GetDiskFreeSpaceExW.KERNEL32(C:\Users\user\AppData\Local\,?,?,?,00000001,C:\Users\user\AppData\Local\,?,?,000003FB,?), ref: 00404CEE
                                                                                                                                                                                                                                                                                                                                    • GetDiskFreeSpaceW.KERNEL32(C:\Users\user\AppData\Local\,?,?,0000040F,?,C:\Users\user\AppData\Local\,C:\Users\user\AppData\Local\,?,00000001,C:\Users\user\AppData\Local\,?,?,000003FB,?), ref: 00404D3A
                                                                                                                                                                                                                                                                                                                                    • MulDiv.KERNEL32(?,0000040F,00000400), ref: 00404D55
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00404EAE: lstrlenW.KERNEL32(00422F48,00422F48,?,%u.%u%s%s,00000005,00000000,00000000,?,000000DC,00000000,?,000000DF,00000000,00000400,?), ref: 00404F4F
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00404EAE: wsprintfW.USER32 ref: 00404F58
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00404EAE: SetDlgItemTextW.USER32(?,00422F48), ref: 00404F6B
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CharItemText$FreeNext$DiskSpace$AutoBrowseCompleteFolderPrevTaskWindowlstrcatlstrcmpilstrlenwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: 0x00004858$: Completed$A$C:\Users\user\AppData\Local\$C:\Users\user\AppData\Local\Programs\Fiddler$H/B
                                                                                                                                                                                                                                                                                                                                    • API String ID: 4039761011-895223397
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 63e1deddea1a614ff110810570ea1b9dfd65444c672d58f00e7806fb8a360319
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 96009b05525636a0bc85a96efb184481c484ec56fefee2337862baa2afa4bf02
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 63e1deddea1a614ff110810570ea1b9dfd65444c672d58f00e7806fb8a360319
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DDA173B1900209ABDB11AFA5CD45AEFB7B8EF84314F11843BF601B62D1D77C99418B6D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004030D5 Relevance: 26.5, APIs: 5, Strings: 10, Instructions: 204memoryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 530 4030d5-403123 GetTickCount GetModuleFileNameW call 406172 533 403125-40312a 530->533 534 40312f-40315d call 406682 call 405f9d call 406682 GetFileSize 530->534 535 40336f-403373 533->535 542 403163 534->542 543 403248-403256 call 403033 534->543 545 403168-40317f 542->545 549 403327-40332c 543->549 550 40325c-40325f 543->550 547 403181 545->547 548 403183-40318c call 4035e7 545->548 547->548 556 403192-403199 548->556 557 4032e3-4032eb call 403033 548->557 549->535 552 403261-403279 call 4035fd call 4035e7 550->552 553 40328b-4032d7 GlobalAlloc call 406bd1 call 4061a1 CreateFileW 550->553 552->549 579 40327f-403285 552->579 576 4032d9-4032de 553->576 577 4032ed-40331d call 4035fd call 403376 553->577 561 403215-403219 556->561 562 40319b-4031af call 40612d 556->562 557->549 566 403223-403229 561->566 567 40321b-403222 call 403033 561->567 562->566 582 4031b1-4031b8 562->582 573 403238-403240 566->573 574 40322b-403235 call 406b63 566->574 567->566 573->545 578 403246 573->578 574->573 576->535 591 403322-403325 577->591 578->543 579->549 579->553 582->566 583 4031ba-4031c1 582->583 583->566 586 4031c3-4031ca 583->586 586->566 588 4031cc-4031d3 586->588 588->566 590 4031d5-4031f5 588->590 590->549 592 4031fb-4031ff 590->592 591->549 593 40332e-40333f 591->593 594 403201-403205 592->594 595 403207-40320f 592->595 596 403341 593->596 597 403347-40334c 593->597 594->578 594->595 595->566 598 403211-403213 595->598 596->597 599 40334d-403353 597->599 598->566 599->599 600 403355-40336d call 40612d 599->600 600->535
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetTickCount.KERNEL32 ref: 004030E9
                                                                                                                                                                                                                                                                                                                                    • GetModuleFileNameW.KERNEL32(00000000,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe,00000400), ref: 00403105
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406172: GetFileAttributesW.KERNEL32(00000003,00403118,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe,80000000,00000003), ref: 00406176
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406172: CreateFileW.KERNEL32(?,?,00000001,00000000,?,00000001,00000000), ref: 00406198
                                                                                                                                                                                                                                                                                                                                    • GetFileSize.KERNEL32(00000000,00000000,00438000,00000000,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe,80000000,00000003), ref: 0040314E
                                                                                                                                                                                                                                                                                                                                    • GlobalAlloc.KERNEL32(00000040,00008001), ref: 00403290
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • soft, xrefs: 004031C3
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp, xrefs: 00403130, 00403135, 0040313B
                                                                                                                                                                                                                                                                                                                                    • Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author , xrefs: 00403327
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe, xrefs: 004030EF, 004030FE, 00403112, 0040312F
                                                                                                                                                                                                                                                                                                                                    • Error launching installer, xrefs: 00403125
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\, xrefs: 004030DF, 004032A8
                                                                                                                                                                                                                                                                                                                                    • Inst, xrefs: 004031BA
                                                                                                                                                                                                                                                                                                                                    • Error writing temporary file. Make sure your temp folder is valid., xrefs: 004032D9
                                                                                                                                                                                                                                                                                                                                    • Null, xrefs: 004031CC
                                                                                                                                                                                                                                                                                                                                    • "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" , xrefs: 004030DE
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: File$AllocAttributesCountCreateGlobalModuleNameSizeTick
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" $C:\Users\user~1\AppData\Local\Temp\$C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp$C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe$Error launching installer$Error writing temporary file. Make sure your temp folder is valid.$Inst$Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author $Null$soft
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2803837635-3466458627
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: e25ddccf2931d554cf8ae4c0c3bfc4e86d8fe1291d5fc5cd744d09a7651939d3
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: fa10dec2ede943269712b0c7dd26c00cc534fb31fc6fa5581d899c5550bae655
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e25ddccf2931d554cf8ae4c0c3bfc4e86d8fe1291d5fc5cd744d09a7651939d3
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 0171B071E00204ABDB20DFA4ED86B9E7AACAB04316F60457FF515B62D1CB7C9E418B5C
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004066BF Relevance: 19.5, APIs: 6, Strings: 5, Instructions: 204stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 603 4066bf-4066c8 604 4066ca-4066d9 603->604 605 4066db-4066f5 603->605 604->605 606 406905-40690b 605->606 607 4066fb-406707 605->607 609 406911-40691e 606->609 610 406719-406726 606->610 607->606 608 40670d-406714 607->608 608->606 612 406920-406925 call 406682 609->612 613 40692a-40692d 609->613 610->609 611 40672c-406735 610->611 614 4068f2 611->614 615 40673b-40677e 611->615 612->613 617 406900-406903 614->617 618 4068f4-4068fe 614->618 619 406784-406790 615->619 620 406896-40689a 615->620 617->606 618->606 621 406792 619->621 622 40679a-40679c 619->622 623 40689c-4068a3 620->623 624 4068ce-4068d2 620->624 621->622 629 4067d6-4067d9 622->629 630 40679e-4067c4 call 406550 622->630 627 4068b3-4068bf call 406682 623->627 628 4068a5-4068b1 call 4065c9 623->628 625 4068e2-4068f0 lstrlenW 624->625 626 4068d4-4068dd call 4066bf 624->626 625->606 626->625 639 4068c4-4068ca 627->639 628->639 633 4067db-4067e7 GetSystemDirectoryW 629->633 634 4067ec-4067ef 629->634 643 4067ca-4067d1 call 4066bf 630->643 644 40687e-406881 630->644 640 406879-40687c 633->640 641 406801-406805 634->641 642 4067f1-4067fd GetWindowsDirectoryW 634->642 639->625 645 4068cc 639->645 640->644 646 40688e-406894 call 406930 640->646 641->640 647 406807-406825 641->647 642->641 643->640 644->646 649 406883-406889 lstrcatW 644->649 645->646 646->625 651 406827-40682d 647->651 652 406839-406851 call 406a76 647->652 649->646 657 406835-406837 651->657 660 406853-406866 SHGetPathFromIDListW CoTaskMemFree 652->660 661 406868-406871 652->661 657->652 658 406873-406877 657->658 658->640 660->658 660->661 661->647 661->658
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetSystemDirectoryW.KERNEL32(: Completed,00000400), ref: 004067E1
                                                                                                                                                                                                                                                                                                                                    • GetWindowsDirectoryW.KERNEL32(: Completed,00000400,00000000,Completed,?,?,00000000,00000000,00000000,00000000), ref: 004067F7
                                                                                                                                                                                                                                                                                                                                    • SHGetPathFromIDListW.SHELL32(00000000,: Completed), ref: 00406855
                                                                                                                                                                                                                                                                                                                                    • CoTaskMemFree.OLE32(00000000,?,00000000,00000007), ref: 0040685E
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(: Completed,\Microsoft\Internet Explorer\Quick Launch), ref: 00406889
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(: Completed,00000000,Completed,?,?,00000000,00000000,00000000,00000000), ref: 004068E3
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Directory$FreeFromListPathSystemTaskWindowslstrcatlstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: 0x00004858$: Completed$Completed$Software\Microsoft\Windows\CurrentVersion$\Microsoft\Internet Explorer\Quick Launch
                                                                                                                                                                                                                                                                                                                                    • API String ID: 4024019347-1832016780
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: b59e22a8bd15446390fa157bdf264ea230bac4db41f2cb9535611f30a8a1d2e5
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 4a93dbd931fcfc477af1f24740db1e2af50c51fdf4929e220b088375b48f32a9
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b59e22a8bd15446390fa157bdf264ea230bac4db41f2cb9535611f30a8a1d2e5
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 586147B26053005BEB206F25DD80B6B77E8AB54318F26453FF587B22D0DB3C8961875E
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401774 Relevance: 15.9, APIs: 5, Strings: 4, Instructions: 145stringtimeCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 726 401774-401799 call 402dab call 405fc8 731 4017a3-4017b5 call 406682 call 405f51 lstrcatW 726->731 732 40179b-4017a1 call 406682 726->732 737 4017ba-4017bb call 406930 731->737 732->737 741 4017c0-4017c4 737->741 742 4017c6-4017d0 call 4069df 741->742 743 4017f7-4017fa 741->743 750 4017e2-4017f4 742->750 751 4017d2-4017e0 CompareFileTime 742->751 744 401802-40181e call 406172 743->744 745 4017fc-4017fd call 40614d 743->745 753 401820-401823 744->753 754 401892-4018bb call 405707 call 403376 744->754 745->744 750->743 751->750 755 401874-40187e call 405707 753->755 756 401825-401863 call 406682 * 2 call 4066bf call 406682 call 405ce2 753->756 766 4018c3-4018cf SetFileTime 754->766 767 4018bd-4018c1 754->767 768 401887-40188d 755->768 756->741 788 401869-40186a 756->788 770 4018d5-4018e0 FindCloseChangeNotification 766->770 767->766 767->770 771 402c38 768->771 774 4018e6-4018e9 770->774 775 402c2f-402c32 770->775 773 402c3a-402c3e 771->773 778 4018eb-4018fc call 4066bf lstrcatW 774->778 779 4018fe-401901 call 4066bf 774->779 775->771 785 401906-4023a7 call 405ce2 778->785 779->785 785->773 785->775 788->768 790 40186c-40186d 788->790 790->755
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(00000000,00000000), ref: 004017B5
                                                                                                                                                                                                                                                                                                                                    • CompareFileTime.KERNEL32(-00000014,?,Call,Call,00000000,00000000,Call,C:\Users\user\AppData\Local\Programs\Fiddler,?,?,00000031), ref: 004017DA
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406682: lstrcpynW.KERNEL32(?,?,00000400,004037B7,00428A60,NSIS Error,?,00000008,0000000A,0000000C), ref: 0040668F
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: lstrlenW.KERNEL32(Completed,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030AD,00000000,?), ref: 0040573F
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: lstrlenW.KERNEL32(004030AD,Completed,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030AD,00000000), ref: 0040574F
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: lstrcatW.KERNEL32(Completed,004030AD), ref: 00405762
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SetWindowTextW.USER32(Completed,Completed), ref: 00405774
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 0040579A
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 004057B4
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SendMessageW.USER32(?,00001013,?,00000000), ref: 004057C2
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend$lstrcatlstrlen$CompareFileTextTimeWindowlstrcpyn
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user~1\AppData\Local\Temp\nsx8D7.tmp\System.dll$C:\Users\user\AppData\Local\Programs\Fiddler$Call$False
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1941528284-3419551581
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 32c4a55105527fe5635505d43395af282a95c9cc107a8a3e81d671ed76634ab9
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 8b6fd23670850fd9ae356807d0398338211ecbfbdba6d544e24b7f39de498ea1
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 32c4a55105527fe5635505d43395af282a95c9cc107a8a3e81d671ed76634ab9
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 7541A331900109FACF11BBB5CD85DAE7A79EF41329B21423FF422B10E1D73D8A91966D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405707 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 72stringwindowCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 792 405707-40571c 793 405722-405733 792->793 794 4057d3-4057d7 792->794 795 405735-405739 call 4066bf 793->795 796 40573e-40574a lstrlenW 793->796 795->796 798 405767-40576b 796->798 799 40574c-40575c lstrlenW 796->799 801 40577a-40577e 798->801 802 40576d-405774 SetWindowTextW 798->802 799->794 800 40575e-405762 lstrcatW 799->800 800->798 803 405780-4057c2 SendMessageW * 3 801->803 804 4057c4-4057c6 801->804 802->801 803->804 804->794 805 4057c8-4057cb 804->805 805->794
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(Completed,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030AD,00000000,?), ref: 0040573F
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(004030AD,Completed,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030AD,00000000), ref: 0040574F
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(Completed,004030AD), ref: 00405762
                                                                                                                                                                                                                                                                                                                                    • SetWindowTextW.USER32(Completed,Completed), ref: 00405774
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001004,00000000,00000000), ref: 0040579A
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 004057B4
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001013,?,00000000), ref: 004057C2
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend$lstrlen$TextWindowlstrcat
                                                                                                                                                                                                                                                                                                                                    • String ID: Completed
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2531174081-3087654605
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 478899543bd82950d8a4d30903f75c7e93d106f960787587e0f6081d0d83e678
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 0122bdc4cc194b68d617bf21deccaf32741d68d09ea49b6ef8aede989cb0ca1f
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 478899543bd82950d8a4d30903f75c7e93d106f960787587e0f6081d0d83e678
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F9219D71900618FACF119FA5DD84ACFBFB9EF45364F10843AF904B62A0C7794A419FA8
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00404EAE Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 84stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 806 404eae-404ec5 807 404ed2-404edd 806->807 808 404ec7-404ed0 806->808 810 404ee5-404eeb 807->810 811 404edf-404ee4 807->811 809 404f20-404f74 call 4066bf * 3 lstrlenW wsprintfW SetDlgItemTextW 808->809 813 404ef2-404ef8 810->813 814 404eed-404ef1 810->814 811->810 815 404f07-404f1e 813->815 816 404efa-404f05 813->816 814->813 815->809 816->815
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(00422F48,00422F48,?,%u.%u%s%s,00000005,00000000,00000000,?,000000DC,00000000,?,000000DF,00000000,00000400,?), ref: 00404F4F
                                                                                                                                                                                                                                                                                                                                    • wsprintfW.USER32 ref: 00404F58
                                                                                                                                                                                                                                                                                                                                    • SetDlgItemTextW.USER32(?,00422F48), ref: 00404F6B
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: ItemTextlstrlenwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: %u.%u%s%s$H/B
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3540041739-2222257793
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 701484786e9e788ccce1f8e608fe17be4446b7c9895a13b6126df495f4584910
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 614c6b03a1206c52a907a8f7c7d2435543e043070c0789599254521b237785a9
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 701484786e9e788ccce1f8e608fe17be4446b7c9895a13b6126df495f4584910
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D911D5336041287BDB00666D9C45E9E329CEB85374F254637FA25F31D1EA79C82282E8
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406A06 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 36libraryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 822 406a06-406a26 GetSystemDirectoryW 823 406a28 822->823 824 406a2a-406a2c 822->824 823->824 825 406a3d-406a3f 824->825 826 406a2e-406a37 824->826 828 406a40-406a73 wsprintfW LoadLibraryExW 825->828 826->825 827 406a39-406a3b 826->827 827->828
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetSystemDirectoryW.KERNEL32(?,00000104), ref: 00406A1D
                                                                                                                                                                                                                                                                                                                                    • wsprintfW.USER32 ref: 00406A58
                                                                                                                                                                                                                                                                                                                                    • LoadLibraryExW.KERNEL32(?,00000000,00000008), ref: 00406A6C
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: DirectoryLibraryLoadSystemwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: %s%S.dll$UXTHEME
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2200240437-1106614640
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: bea2c3dfad6db3553b24c87bd1a60070de232aee380c5cee9c100d0800ee2260
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 2238e0f1a46f5e25e3951852f43a11dddaa5b7c7f32292af2b6637a080077407
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: bea2c3dfad6db3553b24c87bd1a60070de232aee380c5cee9c100d0800ee2260
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DFF0FC30601119A7CB14BB68DD0EFAB375C9B01704F10847AA646F10D0EB789664CF98
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406BF1 Relevance: 7.7, APIs: 4, Strings: 1, Instructions: 198COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 829 406bf1-406c14 830 406c16-406c19 829->830 831 406c1e-406c21 829->831 832 40763e-407642 830->832 833 406c24-406c2d 831->833 834 406c33 833->834 835 40763b 833->835 836 406c3a-406c3e 834->836 837 406d7a-407421 834->837 838 406cdf-406ce3 834->838 839 406d4f-406d53 834->839 835->832 845 406c44-406c51 836->845 846 407626-407639 836->846 850 407423-407439 837->850 851 40743b-407451 837->851 843 406ce9-406d02 838->843 844 40758f-407599 838->844 840 406d59-406d6d 839->840 841 40759e-4075a8 839->841 848 406d70-406d78 840->848 841->846 849 406d05-406d09 843->849 844->846 845->835 847 406c57-406c9d 845->847 846->832 852 406cc5-406cc7 847->852 853 406c9f-406ca3 847->853 848->837 848->839 849->838 854 406d0b-406d11 849->854 855 407454-40745b 850->855 851->855 858 406cd5-406cdd 852->858 859 406cc9-406cd3 852->859 856 406ca5-406ca8 GlobalFree 853->856 857 406cae-406cbc GlobalAlloc 853->857 860 406d13-406d1a 854->860 861 406d3b-406d4d 854->861 862 407482-40748e 855->862 863 40745d-407461 855->863 856->857 857->835 865 406cc2 857->865 858->849 859->858 859->859 866 406d25-406d35 GlobalAlloc 860->866 867 406d1c-406d1f GlobalFree 860->867 861->848 862->833 868 407610-40761a 863->868 869 407467-40747f 863->869 865->852 866->835 866->861 867->866 868->846 869->862
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID: ck%d
                                                                                                                                                                                                                                                                                                                                    • API String ID: 0-4000962198
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: b14ce6b3d8018a6f0b050b5be2694dad1ee6778a4c7b40431f4b258f42aa93ca
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 70604387997e4686e0750d9790b47f8334db0f7ece30ebb4bbc07469160fd387
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b14ce6b3d8018a6f0b050b5be2694dad1ee6778a4c7b40431f4b258f42aa93ca
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: A4816571D04228DBDF24CFA8C8447ADBBB0FF44315F20856AD856BB281C7786A86DF45
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040347E Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 101COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                                                                                    control_flow_graph 870 40347e-4034a6 GetTickCount 871 4035d6-4035de call 403033 870->871 872 4034ac-4034d7 call 4035fd SetFilePointer 870->872 877 4035e0-4035e4 871->877 878 4034dc-4034ee 872->878 879 4034f0 878->879 880 4034f2-403500 call 4035e7 878->880 879->880 883 403506-403512 880->883 884 4035c8-4035cb 880->884 885 403518-40351e 883->885 884->877 886 403520-403526 885->886 887 403549-403565 call 406bf1 885->887 886->887 888 403528-403548 call 403033 886->888 892 4035d1 887->892 893 403567-40356f 887->893 888->887 897 4035d3-4035d4 892->897 895 403571-403579 call 406224 893->895 896 403592-403598 893->896 900 40357e-403580 895->900 896->892 899 40359a-40359c 896->899 897->877 899->892 901 40359e-4035b1 899->901 902 403582-40358e 900->902 903 4035cd-4035cf 900->903 901->878 904 4035b7-4035c6 SetFilePointer 901->904 902->885 905 403590 902->905 903->897 904->871 905->901
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetTickCount.KERNEL32 ref: 00403492
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004035FD: SetFilePointer.KERNEL32(00000000,00000000,00000000,004032FB,?), ref: 0040360B
                                                                                                                                                                                                                                                                                                                                    • SetFilePointer.KERNEL32(00000000,00000000,?,00000000,004033A8,00000004,00000000,00000000,?,?,00403322,000000FF,00000000,00000000,00008001,?), ref: 004034C5
                                                                                                                                                                                                                                                                                                                                    • SetFilePointer.KERNEL32(00E62E10,00000000,00000000,ck%d,00004000,?,00000000,004033A8,00000004,00000000,00000000,?,?,00403322,000000FF,00000000), ref: 004035C0
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: FilePointer$CountTick
                                                                                                                                                                                                                                                                                                                                    • String ID: ck%d
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1092082344-4000962198
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 1344b17e1481b80582bdb0ed23b8c3804af25e72a501c03e477dd398e9b7707c
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 0007fe48f9bd4e0bdf6fbdcb7c574e60e63cda3bf49c02497359f5fe5cde5340
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1344b17e1481b80582bdb0ed23b8c3804af25e72a501c03e477dd398e9b7707c
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: C7319172600215EBC7309F29EE848163BADF744356755023BE501B26F1CBB5AE42DB9D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040248F Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 64registrystringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(False,00000023,00000011,00000002), ref: 004024DA
                                                                                                                                                                                                                                                                                                                                    • RegSetValueExW.KERNEL32(?,?,?,?,False,00000000,00000011,00000002), ref: 0040251A
                                                                                                                                                                                                                                                                                                                                    • RegCloseKey.KERNEL32(?,?,?,False,00000000,00000011,00000002), ref: 00402602
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CloseValuelstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: False
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2655323295-3926673204
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 281cf72524f6a34f88d6a40b0093b0dbda42c2c9efac77df7920f0dc034829df
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: be9c33e72f15a848a09509bfe82e7b73cbf05d8b6c9bfbfc98f7540490fedb8c
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 281cf72524f6a34f88d6a40b0093b0dbda42c2c9efac77df7920f0dc034829df
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 26119D31900118AEEB10EFA5DE59EAEBAB4AB44318F10483FF404B61C0C7B88E019A58
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004061A1 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 37COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetTickCount.KERNEL32 ref: 004061BF
                                                                                                                                                                                                                                                                                                                                    • GetTempFileNameW.KERNEL32(?,?,00000000,?,?,?,00000000,00403643,1033,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,0040392F), ref: 004061DA
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CountFileNameTempTick
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user~1\AppData\Local\Temp\$nsa
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1716503409-3083371207
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: ca4f867381b256d976a036b4ee2479ffffcb38332db50c9e5a73bf50e74bc53e
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: d5af49f5aac0e4cb02feadf6e990f33ccb34da23aa7fbf3522b8764b63faf6c0
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: ca4f867381b256d976a036b4ee2479ffffcb38332db50c9e5a73bf50e74bc53e
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 90F09076701204BFEB008F59DD05E9EB7BCEBA5710F11803EF901F7240E6B49A648764
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00403376 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 88COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SetFilePointer.KERNEL32(00008001,00000000,00000000,00000000,00000000,?,?,00403322,000000FF,00000000,00000000,00008001,?), ref: 0040339B
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: FilePointer
                                                                                                                                                                                                                                                                                                                                    • String ID: ck%d
                                                                                                                                                                                                                                                                                                                                    • API String ID: 973152223-4000962198
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 3d500f412808721b8c87be071932eede801725a1d128c96ac4c777ed30e32dcd
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 810e563441ec60ddb2e304251acab09d4dc6a46a8481b8ea59e7f14a092257d1
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 3d500f412808721b8c87be071932eede801725a1d128c96ac4c777ed30e32dcd
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: E231B170200209BFDB129F59DD44E9A3FA9EB04355F10843AF904EA191D3788E51DBA9
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004015C6 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 65COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405FFC: CharNextW.USER32(?,?,C:\,?,00406070,C:\,C:\,771B3420,?,771B2EE0,00405DAE,?,771B3420,771B2EE0,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" ), ref: 0040600A
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405FFC: CharNextW.USER32(00000000), ref: 0040600F
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405FFC: CharNextW.USER32(00000000), ref: 00406027
                                                                                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNEL32(?,?,00000000,0000005C,00000000,000000F0), ref: 0040161F
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405BD6: CreateDirectoryW.KERNEL32(0042C800,?), ref: 00405C18
                                                                                                                                                                                                                                                                                                                                    • SetCurrentDirectoryW.KERNEL32(?,C:\Users\user\AppData\Local\Programs\Fiddler,?,00000000,000000F0), ref: 00401652
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user\AppData\Local\Programs\Fiddler, xrefs: 00401645
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CharNext$Directory$AttributesCreateCurrentFile
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user\AppData\Local\Programs\Fiddler
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1892508949-1332944209
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 6dc493655172712032739f04e316353c1bc773b07550d7d8c8ee79fa81184d13
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 68e4a3e0657f1f56d5d8600c1d99eb964219fead50354605c61944b677c9a350
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6dc493655172712032739f04e316353c1bc773b07550d7d8c8ee79fa81184d13
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DD11BE31404214ABCF20AFB5CD0099F36B0EF04368B25493FE946B22F1DA3E4A819B5E
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406059 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 47stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406682: lstrcpynW.KERNEL32(?,?,00000400,004037B7,00428A60,NSIS Error,?,00000008,0000000A,0000000C), ref: 0040668F
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405FFC: CharNextW.USER32(?,?,C:\,?,00406070,C:\,C:\,771B3420,?,771B2EE0,00405DAE,?,771B3420,771B2EE0,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" ), ref: 0040600A
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405FFC: CharNextW.USER32(00000000), ref: 0040600F
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405FFC: CharNextW.USER32(00000000), ref: 00406027
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(C:\,00000000,C:\,C:\,771B3420,?,771B2EE0,00405DAE,?,771B3420,771B2EE0,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" ), ref: 004060B2
                                                                                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNEL32(C:\,C:\,C:\,C:\,C:\,C:\,00000000,C:\,C:\,771B3420,?,771B2EE0,00405DAE,?,771B3420,771B2EE0), ref: 004060C2
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CharNext$AttributesFilelstrcpynlstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3248276644-3404278061
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 8ac32a27a18f4c2dd493eafaed9bce6c13b36ca5a95e32c2f60d88480e43d1b4
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: c6e62d849c1808a59ce2984a64bb42424f7e4e7bb9f9a1371c2689eace45329e
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8ac32a27a18f4c2dd493eafaed9bce6c13b36ca5a95e32c2f60d88480e43d1b4
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 17F04426144E6219D632723A0C05EAF26148F82354B57463FF853B22D1DF3C8D62C17E
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406550 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44registryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • RegQueryValueExW.ADVAPI32(?,00000000,00000000,?,?,00000800,00000000,?,?,?,?,: Completed,?,00000000,004067C1,80000002), ref: 00406596
                                                                                                                                                                                                                                                                                                                                    • RegCloseKey.ADVAPI32(?), ref: 004065A1
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CloseQueryValue
                                                                                                                                                                                                                                                                                                                                    • String ID: : Completed
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3356406503-2954849223
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 5e421e957683aa7155fe1e1f393967b6404614e05e15b89e99e168e2dc4a01c3
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 225dfe442f4fc2e839130f584d2f70a73ee2f61c7405cac2e0d59c7fe544a8ff
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 5e421e957683aa7155fe1e1f393967b6404614e05e15b89e99e168e2dc4a01c3
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 39017172510209FEDF218F55DD05EDB3BE8EB54364F014035FD1592190E738D968DBA4
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004071D5 Relevance: 5.2, APIs: 4, Instructions: 236COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 5aa4d090f2ad8984d83f4f4e641c2e75da78772a5538c6e641319c1bffeb23fb
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 5108979c3f50e514b4d7e1fb6dd8ed840f295859cf3be547aab63c341a9fbe83
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 5aa4d090f2ad8984d83f4f4e641c2e75da78772a5538c6e641319c1bffeb23fb
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 8BA14471E04228DBDF28CFA8C8446ADBBB1FF44305F14856AD856BB281C7786A86DF45
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004073D6 Relevance: 5.2, APIs: 4, Instructions: 208COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 8d5ea1f57b3c7a51107eeb32950adad6d0a1e952e0bb086014bf19e576e1a16a
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: e1ca38fbe1868b0530a5cca2aefb0608b46060051e5a62990b8a86f9073b7715
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8d5ea1f57b3c7a51107eeb32950adad6d0a1e952e0bb086014bf19e576e1a16a
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 61912370D04228CBDF28CF98C8547ADBBB1FF44305F14856AD856BB291C778AA86DF45
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004070EC Relevance: 5.2, APIs: 4, Instructions: 205COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 2a4d9994a082143c1c144eb36683b4c65f38247d7a35d367480abefccda07661
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: c8babd12d4b9043659ede3bd230c10fd4be49189821a01af26e4b19fb55261c2
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2a4d9994a082143c1c144eb36683b4c65f38247d7a35d367480abefccda07661
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: B1813571D04228DBDF24CFA8C8847ADBBB1FF44305F24856AD456BB281C778AA86DF45
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040703F Relevance: 5.2, APIs: 4, Instructions: 180COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: e36820fe09b78ea4b76e3bf6ab2fb301930f737046964227b4143800bf5a8c7d
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 95d77a19c0962547fc3f67c13c4944abdc30b9b20558c44938f244593de0d4a6
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e36820fe09b78ea4b76e3bf6ab2fb301930f737046964227b4143800bf5a8c7d
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 49713471D04228CBDF24CFA8C8847ADBBB1FF48305F15806AD856BB281C7386986DF45
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040715D Relevance: 5.2, APIs: 4, Instructions: 170COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 06ef8f5a1822f0b757ae31e3b83f809751af444a1e9c2dfe7d230d3dce02f925
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 33b9de73c5357426475d1ecb6718d507a7f793f52192090568aa5f1be2fe3f26
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 06ef8f5a1822f0b757ae31e3b83f809751af444a1e9c2dfe7d230d3dce02f925
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D8714671E04228CBDF28CF98C8847ADBBB1FF44305F15856AD856BB281C7786986DF45
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004070A9 Relevance: 5.2, APIs: 4, Instructions: 168COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: cfd14bdf320e39a62d2c2df30edf7cb1e1c63a24431ff8987f761f3d68dc011c
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: eebb37c65e2131d6119e05978ba22ffeb7e1a1a57c5d17d20a151e235b5fbeda
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: cfd14bdf320e39a62d2c2df30edf7cb1e1c63a24431ff8987f761f3d68dc011c
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DD714771E04228DBEF28CF98C8447ADBBB1FF44305F15816AD856BB281C7786A86DF45
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004020DD Relevance: 4.6, APIs: 3, Instructions: 73libraryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetModuleHandleW.KERNEL32(00000000,00000001,000000F0), ref: 00402108
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: lstrlenW.KERNEL32(Completed,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030AD,00000000,?), ref: 0040573F
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: lstrlenW.KERNEL32(004030AD,Completed,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030AD,00000000), ref: 0040574F
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: lstrcatW.KERNEL32(Completed,004030AD), ref: 00405762
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SetWindowTextW.USER32(Completed,Completed), ref: 00405774
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 0040579A
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 004057B4
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SendMessageW.USER32(?,00001013,?,00000000), ref: 004057C2
                                                                                                                                                                                                                                                                                                                                    • LoadLibraryExW.KERNEL32(00000000,?,00000008,00000001,000000F0), ref: 00402119
                                                                                                                                                                                                                                                                                                                                    • FreeLibrary.KERNEL32(?,?,000000F7,?,?,00000008,00000001,000000F0), ref: 00402196
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend$Librarylstrlen$FreeHandleLoadModuleTextWindowlstrcat
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 334405425-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: e874b12b36c990adef2177658416b4975faa93a44eece631f2e4fd4c826b316e
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: d5d67dfdf4745362115819af7549d82072a8f7f049e0964222285d8f4f4a232d
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e874b12b36c990adef2177658416b4975faa93a44eece631f2e4fd4c826b316e
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: ED215031904108EADF11AFA5CE49A9E7A71FF44359F20413BF201B91E1CBBD8982AA5D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401BA0 Relevance: 4.6, APIs: 2, Strings: 1, Instructions: 72memoryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GlobalFree.KERNEL32(00000000), ref: 00401C10
                                                                                                                                                                                                                                                                                                                                    • GlobalAlloc.KERNEL32(00000040,00000804), ref: 00401C22
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Global$AllocFree
                                                                                                                                                                                                                                                                                                                                    • String ID: Call
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3394109436-1824292864
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 3750bf9dfa814a3c0f6efd612861c63dc40cfe6380e236ca5b9144ec9c5a3e46
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 755843c12eef3f61fe3821796784c52372e38f60d99e915cd62482290075d307
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 3750bf9dfa814a3c0f6efd612861c63dc40cfe6380e236ca5b9144ec9c5a3e46
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 7D210872904254DBDB20FBA4CE84A5E73B8AB04718715093FF542F32D0C6B89C418BDD
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040202F Relevance: 4.6, APIs: 3, Instructions: 65memoryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406A76: GetModuleHandleA.KERNEL32(?,00000020,?,00403755,0000000C,?,?,?,?,?,?,?,?), ref: 00406A88
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406A76: GetProcAddress.KERNEL32(00000000,?), ref: 00406AA3
                                                                                                                                                                                                                                                                                                                                    • GetFileVersionInfoSizeW.KERNELBASE(0000000B,00000000,?,000000EE), ref: 00402045
                                                                                                                                                                                                                                                                                                                                    • GlobalAlloc.KERNEL32(00000040,00000000), ref: 00402064
                                                                                                                                                                                                                                                                                                                                    • GetFileVersionInfoW.KERNELBASE(?,?,00000000,?,0000000D,0000000C), ref: 00402091
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004065C9: wsprintfW.USER32 ref: 004065D6
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: FileInfoVersion$AddressAllocGlobalHandleModuleProcSizewsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2654256344-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 07812cedf9ef6ff5752f09a7ef8dacfbefdf77ad1719ce8d4fbf696c8ce9ac10
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 3cebdb6c48dea88a1dcb8fcf3c322c7102163938362c719bced754f65894bfff
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 07812cedf9ef6ff5752f09a7ef8dacfbefdf77ad1719ce8d4fbf696c8ce9ac10
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3F214771A00208AFDB10EFE5DD85EAEBBB4EF08354F11802AF601B62D0D7759E51CB64
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004025A3 Relevance: 4.5, APIs: 3, Instructions: 47registryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • RegEnumKeyW.ADVAPI32(00000000,00000000,?,000003FF), ref: 004025D6
                                                                                                                                                                                                                                                                                                                                    • RegEnumValueW.ADVAPI32(00000000,00000000,?,?), ref: 004025E9
                                                                                                                                                                                                                                                                                                                                    • RegCloseKey.KERNEL32(?,?,?,False,00000000,00000011,00000002), ref: 00402602
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Enum$CloseValue
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 397863658-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 7fbb5ed368384a26a6648846920a51fdf34f9039e64d8fbbcef66f50d2c98f90
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 0e7c906900fe31acaf330cad7c7adc7318663c551a7f251ed3955534a0ac5e15
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 7fbb5ed368384a26a6648846920a51fdf34f9039e64d8fbbcef66f50d2c98f90
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3D017171904205ABEB149F949E58AAF7678FF40308F10443EF505B61C0DBB84E41976D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406B21 Relevance: 4.5, APIs: 3, Instructions: 27synchronizationCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • WaitForSingleObject.KERNEL32(?,00000064), ref: 00406B32
                                                                                                                                                                                                                                                                                                                                    • WaitForSingleObject.KERNEL32(?,00000064,0000000F), ref: 00406B47
                                                                                                                                                                                                                                                                                                                                    • GetExitCodeProcess.KERNEL32(?,?), ref: 00406B54
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: ObjectSingleWait$CodeExitProcess
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2567322000-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 8ff07581d1a9b179a96ae9e6ed15c74e4a8339333c72220da53f642c9193dd0c
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 81827f21470b180ac16ec44fd3a93238b7e84efd63ad9428fc6c7e52b3791a69
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8ff07581d1a9b179a96ae9e6ed15c74e4a8339333c72220da53f642c9193dd0c
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D9E09271600218BBDB10AB54CD01E9E7B6EDB45700F104037BA01B6190D6B1AE62DA94
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004021AF Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 129comCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CoCreateInstance.OLE32(004084DC,?,00000001,004084CC,?,?,00000045,000000CD,00000002,000000DF,000000F0), ref: 0040222E
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user\AppData\Local\Programs\Fiddler, xrefs: 0040226E
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CreateInstance
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user\AppData\Local\Programs\Fiddler
                                                                                                                                                                                                                                                                                                                                    • API String ID: 542301482-1332944209
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: f6884ca858164b1fab4697f623883e74de1effeda589ac9f9f08d33cd8a4233a
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 6031f0b9305bb7b05064ab4f17c9904609ff1c452577966f293784d012f03e0b
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: f6884ca858164b1fab4697f623883e74de1effeda589ac9f9f08d33cd8a4233a
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 4A410475A00209AFCB40DFE4C989EAD7BB5BF48308B20457EF505EB2D1DB799982CB54
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004061F5 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 22fileCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • ReadFile.KERNEL32(00008001,00000000,00000000,00000000,00000000,ck%d,0040CEF0,004035FA,00008001,00008001,004034FE,ck%d,00004000,?,00000000,004033A8), ref: 00406209
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: FileRead
                                                                                                                                                                                                                                                                                                                                    • String ID: ck%d
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2738559852-4000962198
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 076a4193e787d8b2f8fcded04b516b0b1a94860d7d4352c54bed072072f3bbd3
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: f029eba0d3a9f8ebddca737992f63761e7b4746d0aa70cfc26448402395c61e3
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 076a4193e787d8b2f8fcded04b516b0b1a94860d7d4352c54bed072072f3bbd3
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5DE08632154119EBCF106E908C00EEB379CEF15350F014876F921E7440D230E8328FA4
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040252F Relevance: 3.1, APIs: 2, Instructions: 56registryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • RegQueryValueExW.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,?,00000033), ref: 00402560
                                                                                                                                                                                                                                                                                                                                    • RegCloseKey.KERNEL32(?,?,?,False,00000000,00000011,00000002), ref: 00402602
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CloseQueryValue
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3356406503-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 86fad1e446aa8b08d0eaee014d74f44cc203c290d92848c6c8e309bf312e033b
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 56becb9136408d6600d44ef8ee1fb8662aacbb8094ba5771dc16c944e9e3e358
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 86fad1e446aa8b08d0eaee014d74f44cc203c290d92848c6c8e309bf312e033b
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 39116D71900219EADF14DFA0DA589AE77B4BF04349F20447FE406B62C0D7B84A45EB5D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401389 Relevance: 3.0, APIs: 2, Instructions: 43windowCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • MulDiv.KERNEL32(00007530,00000000,00000000), ref: 004013E4
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(0040A230,00000402,00000000), ref: 004013F4
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3850602802-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 44422ec4cc38e602ea7d4d2f5f5b5ed5cf3abc39ac7d2c30bec0a520d1a14902
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 4cdfa14fa51073ec67c7732ce5b449902c092ffb61bdcee16cd85da0f6320b18
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 44422ec4cc38e602ea7d4d2f5f5b5ed5cf3abc39ac7d2c30bec0a520d1a14902
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 0F01F4327212209BE7295B389D05B6B3698E710354F10863FF855F6AF1DA78CC429B4C
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00402439 Relevance: 3.0, APIs: 2, Instructions: 39registryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • RegDeleteValueW.ADVAPI32(00000000,00000000,00000033), ref: 0040245B
                                                                                                                                                                                                                                                                                                                                    • RegCloseKey.ADVAPI32(00000000), ref: 00402464
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CloseDeleteValue
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2831762973-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 7259ca6d1f05d7483d87d2f391694756323bc0c45ff6c46f1d59c05c3536b230
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 5f3bbf62c25f8db8e4007b741f5cecc6338069a28fa7be666feaa9c5da8c1564
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 7259ca6d1f05d7483d87d2f391694756323bc0c45ff6c46f1d59c05c3536b230
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: FCF06232A04520ABDB10BBA89A8DAEE62A5AF54314F11443FE542B71C1CAFC4D02976D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004057DA Relevance: 3.0, APIs: 2, Instructions: 32comCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • OleInitialize.OLE32(00000000), ref: 004057EA
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 0040464D: SendMessageW.USER32(?,00000000,00000000,00000000), ref: 0040465F
                                                                                                                                                                                                                                                                                                                                    • OleUninitialize.OLE32(00000404,00000000), ref: 00405836
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: InitializeMessageSendUninitialize
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2896919175-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 6b48ba6f2f212ba91ce3a94f30354a0bb9d691122d035e2291a9dc674f3f10d0
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 47b15979fd2771e4c3211fb1205fa32a21028b5b356e028cb2016eb217598776
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6b48ba6f2f212ba91ce3a94f30354a0bb9d691122d035e2291a9dc674f3f10d0
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 9EF09073A006009AEB116B54AE01B6B77A4FBD4705F05843AEE84632A1DB794C128B9D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405BD6 Relevance: 3.0, APIs: 2, Instructions: 26COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CreateDirectoryW.KERNEL32(0042C800,?), ref: 00405C18
                                                                                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00405C26
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CreateDirectoryErrorLast
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1375471231-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: cc352e270a5c7d66bac2c8a7d463e84c1d5eb2dce2c10117675193e318c6cc25
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: c951f985784cdd1ce4bfd292213bf749a6eab04c72170860fc3503b4537cd402
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: cc352e270a5c7d66bac2c8a7d463e84c1d5eb2dce2c10117675193e318c6cc25
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 67F0F4B0C04209DAEB00CFA4D9487EFBBB4FB04309F00842AD541B6281DBB882488BA9
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405C65 Relevance: 3.0, APIs: 2, Instructions: 24processCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CreateProcessW.KERNEL32(00000000,0042C800,00000000,00000000,00000000,04000000,00000000,00000000,00425F50,?,?,?,0042C800,?), ref: 00405C8E
                                                                                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,0042C800,?), ref: 00405C9B
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CloseCreateHandleProcess
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3712363035-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: dc4e0aa2a6e4d88c421582106c1d46ba955b2ae98b0244f92ff0ec2e2b298c3d
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 40cf053be3b9956ee682ea3cdb0c0f8171e7446c395677da6238e6dd92eb787c
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: dc4e0aa2a6e4d88c421582106c1d46ba955b2ae98b0244f92ff0ec2e2b298c3d
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: A4E0BFB4600219BFFB109B64EE49F7B7B7CEB00648F418425BD14F2551D77498149A7C
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406A76 Relevance: 3.0, APIs: 2, Instructions: 22libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetModuleHandleA.KERNEL32(?,00000020,?,00403755,0000000C,?,?,?,?,?,?,?,?), ref: 00406A88
                                                                                                                                                                                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,?), ref: 00406AA3
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406A06: GetSystemDirectoryW.KERNEL32(?,00000104), ref: 00406A1D
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406A06: wsprintfW.USER32 ref: 00406A58
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406A06: LoadLibraryExW.KERNEL32(?,00000000,00000008), ref: 00406A6C
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: AddressDirectoryHandleLibraryLoadModuleProcSystemwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2547128583-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 09a5520475afffee645b4664441d986c1138b09cf986c3d6b2a713b3520f987f
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: b294046d3e4dddd9dd595f306a5883e4a37f4b9faaa0bea25d2c73fe5553ab8f
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 09a5520475afffee645b4664441d986c1138b09cf986c3d6b2a713b3520f987f
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DFE08636704610AAD610BA709E48C6773A89F86710302C83FF546F6140D738DC32AA79
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406172 Relevance: 3.0, APIs: 2, Instructions: 16fileCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNEL32(00000003,00403118,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe,80000000,00000003), ref: 00406176
                                                                                                                                                                                                                                                                                                                                    • CreateFileW.KERNEL32(?,?,00000001,00000000,?,00000001,00000000), ref: 00406198
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: File$AttributesCreate
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 415043291-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: d28f21770be58fa8ab322e44db2ef64be76ab1399ecbb41bfd548adfe90c5e60
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: be52236ca1bfc2e7009fe271a1dfd41440a2a0d1ebc26b2cb4c8630358080456
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: d28f21770be58fa8ab322e44db2ef64be76ab1399ecbb41bfd548adfe90c5e60
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 30D09E31254301EFFF098F20DE16F2EBAA2EB94B00F11952CB682941E0DA715819DB15
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040614D Relevance: 3.0, APIs: 2, Instructions: 13COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNEL32(?,?,00405D52,?,?,00000000,00405F28,?,?,?,?), ref: 00406152
                                                                                                                                                                                                                                                                                                                                    • SetFileAttributesW.KERNEL32(?,00000000), ref: 00406166
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: AttributesFile
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3188754299-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: bc30e5c928ed30f9cb3e730bb3a024ff28878b527ec9bdb2640fa07c227b463d
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: c2cf34f9040e51e437c363cb0e130cc408ba31f940be0e29863539f2f5e5855d
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: bc30e5c928ed30f9cb3e730bb3a024ff28878b527ec9bdb2640fa07c227b463d
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 34D0C976504220AFC2102728AE0889BBB55DB552717028A35F8A9A22B0CB314C6A8694
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405C30 Relevance: 3.0, APIs: 2, Instructions: 9COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CreateDirectoryW.KERNEL32(?,00000000,00403638,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,0040392F,?,00000008,0000000A,0000000C), ref: 00405C36
                                                                                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00405C44
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CreateDirectoryErrorLast
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1375471231-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 713f00ffaa2578e3ba1d99e04a2fab42aad7341dbc9e3b83e2e07bf738d273a4
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 9ee767d7bb24d12ef4013e29ffdbd8bf560f6e5ed3fd997729cc5c4a92c9c995
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 713f00ffaa2578e3ba1d99e04a2fab42aad7341dbc9e3b83e2e07bf738d273a4
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 4EC08C30208601DAEA040B30DE08F073A50BB00340F214439A082E40A4CA308004CD2D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00402896 Relevance: 1.5, APIs: 1, Instructions: 28COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SetFilePointer.KERNEL32(00000000,?,00000000,?,?), ref: 004028B4
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004065C9: wsprintfW.USER32 ref: 004065D6
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: FilePointerwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 327478801-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: be6f6e28811eff9f61e37437ffce11e37693180493ed76b7cb4b0af79cd2cf68
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: a9a910f18d9475f192186a99a32baa3f0737176f8f71227260f04108cb8f5765
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: be6f6e28811eff9f61e37437ffce11e37693180493ed76b7cb4b0af79cd2cf68
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: CEE06D71A04108BFDB01ABA5BE499AEB3B9EB44354B20483FF102B00C8CA784D119A2D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004028E3 Relevance: 1.5, APIs: 1, Instructions: 27fileCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • FindNextFileW.KERNELBASE(00000000,?,?), ref: 004028F7
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: FileFindNext
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2029273394-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 5b954426158c2ca41cc36e84599210e9dd56339a9916b46a6fcd77eb3ff9f3de
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 473c165911f75e28ccc6619a8506b26a35ad7b2b824692edad1139840d3140c2
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 5b954426158c2ca41cc36e84599210e9dd56339a9916b46a6fcd77eb3ff9f3de
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D9E065716041099FDB11DBE5DE589AF7378EF00348F20447FD502F21D0E7B98A559B19
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040651D Relevance: 1.5, APIs: 1, Instructions: 24registryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • RegCreateKeyExW.KERNEL32(00000000,?,00000000,00000000,00000000,?,00000000,?,00000000,?,?,?,00402E5C,00000000,?,?), ref: 00406546
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Create
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2289755597-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: b17b4e85cc10dff7c00d1995fa2300a068af545831f113dbcef6cd8b4d780b07
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: eb898ae1b777051f051c4ab58df26dcf4e878c8f9f4a5c47b005eb973d4bb03b
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b17b4e85cc10dff7c00d1995fa2300a068af545831f113dbcef6cd8b4d780b07
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 75E0E6B2010109BEEF095F50EC0AD7F371DE708710F11452EF906D4051E6B5E9309A39
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406224 Relevance: 1.5, APIs: 1, Instructions: 22fileCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • WriteFile.KERNEL32(00008001,00000000,00000000,00000000,00000000,00410450,0040CEF0,0040357E,0040CEF0,00410450,ck%d,00004000,?,00000000,004033A8,00000004), ref: 00406238
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: FileWrite
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3934441357-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 4494c28c6fc58b77f7b94402ffbb10e79d92760fb9961e7d9dbcb201027e3d13
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 6296e445ee025582091cb162a3efd7a4c9b40fecddc6e186669f82422f4bfe72
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 4494c28c6fc58b77f7b94402ffbb10e79d92760fb9961e7d9dbcb201027e3d13
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 00E08C3221021AABDF10AE548C00EEB3B6CEB013A0F02447AFD16E3050D231E83097A9
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004064EF Relevance: 1.5, APIs: 1, Instructions: 19registryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • RegOpenKeyExW.KERNEL32(00000000,?,00000000,00000000,?,?,00000000,?,0040657D,?,?,?,?,: Completed,?,00000000), ref: 00406513
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Open
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 71445658-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 8ee5b0d2344bda13eae74e7442d869633e0228d129a7f9cdea9876c3f2a2c01f
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 600eba3f25fec8fd2e0e76c9bf818d2d921b30b98e1649e5cb913c6f6c6f8cb9
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8ee5b0d2344bda13eae74e7442d869633e0228d129a7f9cdea9876c3f2a2c01f
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 4DD0123600020DBBDF115E90ED01FAB3B5DAB08714F014826FE06A4091D775D530AB59
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00404601 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SetDlgItemTextW.USER32(?,?,00000000), ref: 0040461B
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: ItemText
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3367045223-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 9f5f9317995870dd68fcf34551989b3f9c33a874f6e62bdf9e4bbf2fb329bfe5
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 8c21c04aad66b2c33a7da01c0675a528dff03a4dd10ca87410b46fafe8cab324
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 9f5f9317995870dd68fcf34551989b3f9c33a874f6e62bdf9e4bbf2fb329bfe5
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 39C04C75148300FFE641A755CC42F1FB7ADEF94315F44D92EB55CA11E1C63584209A2A
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040464D Relevance: 1.5, APIs: 1, Instructions: 9windowCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000000,00000000,00000000), ref: 0040465F
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3850602802-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: bbff93e8e7b6fbbde5b3e6835961aabe87c2407351212feb15be82645ba7347e
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 8da91bbb186c2144be8ade9eda525c6e960391099661206c99069da2b113483a
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: bbff93e8e7b6fbbde5b3e6835961aabe87c2407351212feb15be82645ba7347e
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 8AC04C717402007BDA209B609E49F0777545790740F1448397241E50E0DA75E450DA1C
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00404636 Relevance: 1.5, APIs: 1, Instructions: 6windowCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000028,?,00000001,00404461), ref: 00404644
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3850602802-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 7b4bfb7d8a9e2d5081e5309f0fc6290f036d11fbecd93854b33ee848cd02fe6a
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: d5eb2a856a333d3101ae379727e71f2b9456d74e3cdd14bb02a2274a242f0d94
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 7b4bfb7d8a9e2d5081e5309f0fc6290f036d11fbecd93854b33ee848cd02fe6a
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 7DB09235280640AADE215B00DE09F867B66A7A4701F008438B240640B0CAB204A1DB08
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004035FD Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SetFilePointer.KERNEL32(00000000,00000000,00000000,004032FB,?), ref: 0040360B
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: FilePointer
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 973152223-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 9851be0de28bb9513f6e500a0df6ea838ed72b99fd7baa621d8f85bec57c8f40
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 1f5c7ae16c2334422adcad36111bde95194575cbdac9b1f52e29a9f6e91cc98e
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 9851be0de28bb9513f6e500a0df6ea838ed72b99fd7baa621d8f85bec57c8f40
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 34B01271240300BFDA214F00DF09F057B21ABA0700F10C034B388380F086711035EB0D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405CA8 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • ShellExecuteExW.SHELL32(?), ref: 00405CB7
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: ExecuteShell
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 587946157-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: accb29398adcd6f2598047f0fcddae8b07494e52d9cc9fcafc25c5f5f83f3143
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 080962bbef7e268e86b0d243ececfcd1ad47764945baea7f73af6130fa7b9bd6
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: accb29398adcd6f2598047f0fcddae8b07494e52d9cc9fcafc25c5f5f83f3143
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: A9C092F2100201EFE301CF80CB09F067BE8AF54306F028058E1899A060CB788800CB29
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00404623 Relevance: 1.5, APIs: 1, Instructions: 4COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • KiUserCallbackDispatcher.NTDLL(?,004043FA), ref: 0040462D
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CallbackDispatcherUser
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2492992576-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: a1d13c5b68b43feb2506ad2660f88dc7f5461ef8ac70b9f67d62976f64309ddb
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 1e4f5f38d13ad7c97f33cdc532a4b6885827051f8054e7174c13f2a159251e9b
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: a1d13c5b68b43feb2506ad2660f88dc7f5461ef8ac70b9f67d62976f64309ddb
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 7FA00176544900ABCA16AB50EF0980ABB72BBA8701B5288B9A285610348BB25821FB19
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401FA9 Relevance: 1.3, APIs: 1, Instructions: 37COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: lstrlenW.KERNEL32(Completed,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030AD,00000000,?), ref: 0040573F
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: lstrlenW.KERNEL32(004030AD,Completed,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030AD,00000000), ref: 0040574F
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: lstrcatW.KERNEL32(Completed,004030AD), ref: 00405762
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SetWindowTextW.USER32(Completed,Completed), ref: 00405774
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 0040579A
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 004057B4
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SendMessageW.USER32(?,00001013,?,00000000), ref: 004057C2
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405C65: CreateProcessW.KERNEL32(00000000,0042C800,00000000,00000000,00000000,04000000,00000000,00000000,00425F50,?,?,?,0042C800,?), ref: 00405C8E
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405C65: CloseHandle.KERNEL32(?,?,?,0042C800,?), ref: 00405C9B
                                                                                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,?,?,?), ref: 00401FF0
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406B21: WaitForSingleObject.KERNEL32(?,00000064), ref: 00406B32
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406B21: GetExitCodeProcess.KERNEL32(?,?), ref: 00406B54
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004065C9: wsprintfW.USER32 ref: 004065D6
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend$CloseHandleProcesslstrlen$CodeCreateExitObjectSingleTextWaitWindowlstrcatwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2972824698-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: c585365ce21b6d5395151cd2a40506cf0f1729d2abbd9443bf01b2e3265222fe
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: ba3ed7a1875ec382e1b93905bcfefb33a8222a1057eccf936486356e32fab672
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c585365ce21b6d5395151cd2a40506cf0f1729d2abbd9443bf01b2e3265222fe
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 48F06D32905125EBDB20BBE599C59DE76F59B00318F25413FE102B21E1CB7C4E459A6E
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                                                                                                                                                                                    Function 0040506E Relevance: 63.5, APIs: 33, Strings: 3, Instructions: 489windowmemoryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003F9), ref: 00405086
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,00000408), ref: 00405091
                                                                                                                                                                                                                                                                                                                                    • GlobalAlloc.KERNEL32(00000040,?), ref: 004050DB
                                                                                                                                                                                                                                                                                                                                    • LoadImageW.USER32(0000006E,00000000,00000000,00000000,00000000), ref: 004050F2
                                                                                                                                                                                                                                                                                                                                    • SetWindowLongW.USER32(?,000000FC,0040567B), ref: 0040510B
                                                                                                                                                                                                                                                                                                                                    • ImageList_Create.COMCTL32(00000010,00000010,00000021,00000006,00000000), ref: 0040511F
                                                                                                                                                                                                                                                                                                                                    • ImageList_AddMasked.COMCTL32(00000000,00000000,00FF00FF), ref: 00405131
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001109,00000002), ref: 00405147
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000111C,00000000,00000000), ref: 00405153
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000111B,00000010,00000000), ref: 00405165
                                                                                                                                                                                                                                                                                                                                    • DeleteObject.GDI32(00000000), ref: 00405168
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000143,00000000,00000000), ref: 00405193
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000151,00000000,00000000), ref: 0040519F
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001132,00000000,?), ref: 0040523A
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000110A,00000003,00000110), ref: 0040526A
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00404636: SendMessageW.USER32(00000028,?,00000001,00404461), ref: 00404644
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001132,00000000,?), ref: 0040527E
                                                                                                                                                                                                                                                                                                                                    • GetWindowLongW.USER32(?,000000F0), ref: 004052AC
                                                                                                                                                                                                                                                                                                                                    • SetWindowLongW.USER32(?,000000F0,00000000), ref: 004052BA
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(?,00000005), ref: 004052CA
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000419,00000000,?), ref: 004053C5
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000147,00000000,00000000), ref: 0040542A
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000150,00000000,00000000), ref: 0040543F
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000420,00000000,00000020), ref: 00405463
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000200,00000000,00000000), ref: 00405483
                                                                                                                                                                                                                                                                                                                                    • ImageList_Destroy.COMCTL32(00000000), ref: 00405498
                                                                                                                                                                                                                                                                                                                                    • GlobalFree.KERNEL32(00000000), ref: 004054A8
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000014E,00000000,00000000), ref: 00405521
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001102,?,?), ref: 004055CA
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000113F,00000000,00000008), ref: 004055D9
                                                                                                                                                                                                                                                                                                                                    • InvalidateRect.USER32(?,00000000,00000001), ref: 00405604
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(?,00000000), ref: 00405652
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,000003FE), ref: 0040565D
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(00000000), ref: 00405664
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend$Window$Image$ItemList_LongShow$Global$AllocCreateDeleteDestroyFreeInvalidateLoadMaskedObjectRect
                                                                                                                                                                                                                                                                                                                                    • String ID: $M$N
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2564846305-813528018
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 324c1f4819b082b1ac23898fd696f3744d7b458a05ce4ad4b76fe224fda76cd4
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 3eec0fee992af157883e3c32035e614d90e83c27d9cb298499668aae57dc4bf7
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 324c1f4819b082b1ac23898fd696f3744d7b458a05ce4ad4b76fe224fda76cd4
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: B4029D70A00608EFDB20DF64CD45AAF7BB5FB44314F10857AE910BA2E0D7B98A42DF18
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004062C8 Relevance: 26.4, APIs: 10, Strings: 5, Instructions: 130memorystringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00000000,00000001,?,00000000,?,?,00406463,?,?), ref: 00406303
                                                                                                                                                                                                                                                                                                                                    • GetShortPathNameW.KERNEL32(?,004265E8,00000400), ref: 0040630C
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004060D7: lstrlenA.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,004063BC,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 004060E7
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 004060D7: lstrlenA.KERNEL32(00000000,?,00000000,004063BC,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00406119
                                                                                                                                                                                                                                                                                                                                    • GetShortPathNameW.KERNEL32(?,00426DE8,00000400), ref: 00406329
                                                                                                                                                                                                                                                                                                                                    • wsprintfA.USER32 ref: 00406347
                                                                                                                                                                                                                                                                                                                                    • GetFileSize.KERNEL32(00000000,00000000,00426DE8,C0000000,00000004,00426DE8,?,?,?,?,?), ref: 00406382
                                                                                                                                                                                                                                                                                                                                    • GlobalAlloc.KERNEL32(00000040,0000000A,?,?,?,?), ref: 00406391
                                                                                                                                                                                                                                                                                                                                    • lstrcpyA.KERNEL32(00000000,[Rename],00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 004063C9
                                                                                                                                                                                                                                                                                                                                    • SetFilePointer.KERNEL32(0040A5B0,00000000,00000000,00000000,00000000,004261E8,00000000,-0000000A,0040A5B0,00000000,[Rename],00000000,00000000,00000000), ref: 0040641F
                                                                                                                                                                                                                                                                                                                                    • GlobalFree.KERNEL32(00000000), ref: 00406430
                                                                                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,?,?,?), ref: 00406437
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406172: GetFileAttributesW.KERNEL32(00000003,00403118,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe,80000000,00000003), ref: 00406176
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406172: CreateFileW.KERNEL32(?,?,00000001,00000000,?,00000001,00000000), ref: 00406198
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: File$CloseGlobalHandleNamePathShortlstrlen$AllocAttributesCreateFreePointerSizelstrcpywsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: %ls=%ls$[Rename]$eB$mB$mB
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2171350718-2529913679
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: db523023045b127196975f0173c88122861a3a00dd6e7a8812d5311d7169504c
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 393dc7f902851ea198dcc63c4c4a9d42cf85fc1b4335f85fcc59b0ede2066cac
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: db523023045b127196975f0173c88122861a3a00dd6e7a8812d5311d7169504c
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 35313571600325BBD2206B29AD49F6B3A6CDF41744F17003AF902F62D3DA7CD82686BC
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401000 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 125COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • DefWindowProcW.USER32(?,00000046,?,?), ref: 0040102C
                                                                                                                                                                                                                                                                                                                                    • BeginPaint.USER32(?,?), ref: 00401047
                                                                                                                                                                                                                                                                                                                                    • GetClientRect.USER32(?,?), ref: 0040105B
                                                                                                                                                                                                                                                                                                                                    • CreateBrushIndirect.GDI32(00000000), ref: 004010CF
                                                                                                                                                                                                                                                                                                                                    • FillRect.USER32(00000000,?,00000000), ref: 004010E4
                                                                                                                                                                                                                                                                                                                                    • DeleteObject.GDI32(?), ref: 004010ED
                                                                                                                                                                                                                                                                                                                                    • CreateFontIndirectW.GDI32(?), ref: 00401105
                                                                                                                                                                                                                                                                                                                                    • SetBkMode.GDI32(00000000,00000001), ref: 00401126
                                                                                                                                                                                                                                                                                                                                    • SetTextColor.GDI32(00000000,000000FF), ref: 00401130
                                                                                                                                                                                                                                                                                                                                    • SelectObject.GDI32(00000000,?), ref: 00401140
                                                                                                                                                                                                                                                                                                                                    • DrawTextW.USER32(00000000,00428A60,000000FF,00000010,00000820), ref: 00401156
                                                                                                                                                                                                                                                                                                                                    • SelectObject.GDI32(00000000,00000000), ref: 00401160
                                                                                                                                                                                                                                                                                                                                    • DeleteObject.GDI32(?), ref: 00401165
                                                                                                                                                                                                                                                                                                                                    • EndPaint.USER32(?,?), ref: 0040116E
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Object$CreateDeleteIndirectPaintRectSelectText$BeginBrushClientColorDrawFillFontModeProcWindow
                                                                                                                                                                                                                                                                                                                                    • String ID: F
                                                                                                                                                                                                                                                                                                                                    • API String ID: 941294808-1304234792
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 9a1d1952d02a6587733a796de720c08d05f060e36ce2c67ddab1b612aed24319
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 3c33d73dbc2ffdf14e434cca4ae815e9cfbd561affca8d3971a90777bf4c3be5
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 9a1d1952d02a6587733a796de720c08d05f060e36ce2c67ddab1b612aed24319
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 34418B71800249AFCF058FA5DE459AFBBB9FF45314F00802EF592AA1A0CB34DA55DFA4
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00406930 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 69COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CharNextW.USER32(?,*?|<>/":,00000000,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" ,771B3420,C:\Users\user~1\AppData\Local\Temp\,00000000,00403620,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,0040392F,?,00000008,0000000A,0000000C), ref: 00406993
                                                                                                                                                                                                                                                                                                                                    • CharNextW.USER32(?,?,?,00000000,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 004069A2
                                                                                                                                                                                                                                                                                                                                    • CharNextW.USER32(?,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" ,771B3420,C:\Users\user~1\AppData\Local\Temp\,00000000,00403620,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,0040392F,?,00000008,0000000A,0000000C), ref: 004069A7
                                                                                                                                                                                                                                                                                                                                    • CharPrevW.USER32(?,?,771B3420,C:\Users\user~1\AppData\Local\Temp\,00000000,00403620,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,0040392F,?,00000008,0000000A,0000000C), ref: 004069BA
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • *?|<>/":, xrefs: 00406982
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\, xrefs: 00406931
                                                                                                                                                                                                                                                                                                                                    • "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" , xrefs: 00406974
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Char$Next$Prev
                                                                                                                                                                                                                                                                                                                                    • String ID: "C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" $*?|<>/":$C:\Users\user~1\AppData\Local\Temp\
                                                                                                                                                                                                                                                                                                                                    • API String ID: 589700163-286343111
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 7c4491ab095b24fecdd0000f8ec6f0e383ca7ce11269c465865605e120ff5cd6
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: f71de53da442769783aaa0cb2fea73a85be5ebad64e4744dd58b15c84f46a956
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 7c4491ab095b24fecdd0000f8ec6f0e383ca7ce11269c465865605e120ff5cd6
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 2211C8A580021295DB303B548D40B7766F8AF59790F56403FED96B3AC1E77C4C9282BD
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00404668 Relevance: 12.1, APIs: 8, Instructions: 68COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetWindowLongW.USER32(?,000000EB), ref: 00404685
                                                                                                                                                                                                                                                                                                                                    • GetSysColor.USER32(00000000), ref: 004046C3
                                                                                                                                                                                                                                                                                                                                    • SetTextColor.GDI32(?,00000000), ref: 004046CF
                                                                                                                                                                                                                                                                                                                                    • SetBkMode.GDI32(?,?), ref: 004046DB
                                                                                                                                                                                                                                                                                                                                    • GetSysColor.USER32(?), ref: 004046EE
                                                                                                                                                                                                                                                                                                                                    • SetBkColor.GDI32(?,?), ref: 004046FE
                                                                                                                                                                                                                                                                                                                                    • DeleteObject.GDI32(?), ref: 00404718
                                                                                                                                                                                                                                                                                                                                    • CreateBrushIndirect.GDI32(?), ref: 00404722
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Color$BrushCreateDeleteIndirectLongModeObjectTextWindow
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2320649405-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 9dba601b91aff6ac4bf2e5f3eaee39d76022ea5146a5c84035e03d3d84c8d27c
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: a82f55cf926b6e885627a74f3bab1bdd796941bf972b84b6a5e459a8b365bc4c
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 9dba601b91aff6ac4bf2e5f3eaee39d76022ea5146a5c84035e03d3d84c8d27c
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5C2177715007449BC7309F78DD48B577BF4AF42715B04893DEA96A36E0D738E944CB58
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004026F1 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 153fileCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • ReadFile.KERNEL32(?,?,?,?), ref: 0040275D
                                                                                                                                                                                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(?,00000008,?,?,?,00000001), ref: 00402798
                                                                                                                                                                                                                                                                                                                                    • SetFilePointer.KERNEL32(?,?,?,00000001,?,00000008,?,?,?,00000001), ref: 004027BB
                                                                                                                                                                                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(?,00000008,?,00000000,?,00000001,?,00000001,?,00000008,?,?,?,00000001), ref: 004027D1
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00406253: SetFilePointer.KERNEL32(?,00000000,00000000,00000001), ref: 00406269
                                                                                                                                                                                                                                                                                                                                    • SetFilePointer.KERNEL32(?,?,?,00000001,?,?,00000002), ref: 0040287D
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: File$Pointer$ByteCharMultiWide$Read
                                                                                                                                                                                                                                                                                                                                    • String ID: 9
                                                                                                                                                                                                                                                                                                                                    • API String ID: 163830602-2366072709
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 92e9fc4a2bdedd92fae86453cef36d5fd9ef34bcac34679d19d253eb0147ccd2
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 4accc3969fe2a7d0a9ccf1f8c11f2542f9fe60139f427c4dffc821b6e73cd172
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 92e9fc4a2bdedd92fae86453cef36d5fd9ef34bcac34679d19d253eb0147ccd2
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F3510B75D0011AABDF24AF94CA84AAEBB79FF04344F10817BE901B62D0D7B49D828B58
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00403033 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 51COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • DestroyWindow.USER32(00000000,00000000), ref: 0040304E
                                                                                                                                                                                                                                                                                                                                    • GetTickCount.KERNEL32 ref: 0040306C
                                                                                                                                                                                                                                                                                                                                    • wsprintfW.USER32 ref: 0040309A
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: lstrlenW.KERNEL32(Completed,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030AD,00000000,?), ref: 0040573F
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: lstrlenW.KERNEL32(004030AD,Completed,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030AD,00000000), ref: 0040574F
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: lstrcatW.KERNEL32(Completed,004030AD), ref: 00405762
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SetWindowTextW.USER32(Completed,Completed), ref: 00405774
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 0040579A
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 004057B4
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00405707: SendMessageW.USER32(?,00001013,?,00000000), ref: 004057C2
                                                                                                                                                                                                                                                                                                                                    • CreateDialogParamW.USER32(0000006F,00000000,00402F98,00000000), ref: 004030BE
                                                                                                                                                                                                                                                                                                                                    • ShowWindow.USER32(00000000,00000005), ref: 004030CC
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 00403017: MulDiv.KERNEL32(000122C2,00000064,00015822), ref: 0040302C
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSendWindow$lstrlen$CountCreateDestroyDialogParamShowTextTicklstrcatwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: ... %d%%
                                                                                                                                                                                                                                                                                                                                    • API String ID: 722711167-2449383134
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: c844b91f24ced077c14a758bff1a62ed25a2b151bbc768ebfdb9d0a12ed3356e
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 5115fc65002d889466af77c95cd87ea57bd417394e766d10746fa218fe5c3c06
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c844b91f24ced077c14a758bff1a62ed25a2b151bbc768ebfdb9d0a12ed3356e
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: CA01C830642610E7CB31AF50AE09A6B3FACAB04706F64043BF441B11D9D6B85A51CF9D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00404FBC Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48windowCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000110A,00000009,00000000), ref: 00404FD7
                                                                                                                                                                                                                                                                                                                                    • GetMessagePos.USER32 ref: 00404FDF
                                                                                                                                                                                                                                                                                                                                    • ScreenToClient.USER32(?,?), ref: 00404FF9
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00001111,00000000,?), ref: 0040500B
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,0000113E,00000000,?), ref: 00405031
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Message$Send$ClientScreen
                                                                                                                                                                                                                                                                                                                                    • String ID: f
                                                                                                                                                                                                                                                                                                                                    • API String ID: 41195575-1993550816
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 3b05e908374c5eb3ed0cc07743cf8bdf4b6f619b857b2f4ef42225a5e6fc1927
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: f32abc49a7be06d84d864a503b70a66925f192d82b82ee1d40ead4c3c6165fb8
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 3b05e908374c5eb3ed0cc07743cf8bdf4b6f619b857b2f4ef42225a5e6fc1927
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 79015E31900218BADB00DBA4DD85BFFBBBCEF55711F10412BBA51B61D0D7B4AA058BA5
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00402F98 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 36timeCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SetTimer.USER32(?,00000001,000000FA,00000000), ref: 00402FB6
                                                                                                                                                                                                                                                                                                                                    • wsprintfW.USER32 ref: 00402FEA
                                                                                                                                                                                                                                                                                                                                    • SetWindowTextW.USER32(?,?), ref: 00402FFA
                                                                                                                                                                                                                                                                                                                                    • SetDlgItemTextW.USER32(?,00000406,?), ref: 0040300C
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Text$ItemTimerWindowwsprintf
                                                                                                                                                                                                                                                                                                                                    • String ID: unpacking data: %d%%$verifying installer: %d%%
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1451636040-1158693248
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 66e00694bf9c2fcf5817c91216ca696d61ea9415c1ed8b1f40767934bfa15992
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 34bde3d48a8f942e304b41271f5ed33cd318c4bcfffe3c394610842cbdf8d478
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 66e00694bf9c2fcf5817c91216ca696d61ea9415c1ed8b1f40767934bfa15992
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 10F0317054020CABEF249F60DD4ABEE3B68EB40349F00C03AF606B51D0DBB99A55DB99
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00402955 Relevance: 9.1, APIs: 6, Instructions: 91memoryfileCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GlobalAlloc.KERNEL32(00000040,?,00000000,40000000,00000002,00000000,00000000,000000F0), ref: 004029B6
                                                                                                                                                                                                                                                                                                                                    • GlobalAlloc.KERNEL32(00000040,?,00000000,?), ref: 004029D2
                                                                                                                                                                                                                                                                                                                                    • GlobalFree.KERNEL32(?), ref: 00402A0B
                                                                                                                                                                                                                                                                                                                                    • GlobalFree.KERNEL32(00000000), ref: 00402A1E
                                                                                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,?,?,00000000,40000000,00000002,00000000,00000000,000000F0), ref: 00402A3A
                                                                                                                                                                                                                                                                                                                                    • DeleteFileW.KERNEL32(?,00000000,40000000,00000002,00000000,00000000,000000F0), ref: 00402A4D
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Global$AllocFree$CloseDeleteFileHandle
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2667972263-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 99a72b25e835b2ea7940c93163da3ca2f710589d23dcac0e6d207047e8163098
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 0665ed67c6e74a6a0a4f3ff5189880cf350c83190f31c90c7548f1ee6fedf688
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 99a72b25e835b2ea7940c93163da3ca2f710589d23dcac0e6d207047e8163098
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5731CF71D00124BBCF21AFA5CD89D9E7EB9AF48364F10023AF511762E1CB794C429B98
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00402EAE Relevance: 7.6, APIs: 5, Instructions: 84registryCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • RegEnumValueW.ADVAPI32(?,00000000,?,?,00000000,00000000,00000000,00000000,?,?,00100020,?,?,?), ref: 00402F02
                                                                                                                                                                                                                                                                                                                                    • RegEnumKeyW.ADVAPI32(?,00000000,?,00000105), ref: 00402F4E
                                                                                                                                                                                                                                                                                                                                    • RegCloseKey.ADVAPI32(?,?,?), ref: 00402F57
                                                                                                                                                                                                                                                                                                                                    • RegDeleteKeyW.ADVAPI32(?,?), ref: 00402F6E
                                                                                                                                                                                                                                                                                                                                    • RegCloseKey.ADVAPI32(?,?,?), ref: 00402F79
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CloseEnum$DeleteValue
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1354259210-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: acaf4fc398a66893391ff6439948fdf9f5bbe1b70c5a8b97b274ab2e0b988985
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 09cb529ade84319239dc5b50ebc61ba38ec7146c59f77be9acf979a475766563
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: acaf4fc398a66893391ff6439948fdf9f5bbe1b70c5a8b97b274ab2e0b988985
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: FD218B7150011ABFDF119F90CE89EEF7B7DEB10388F100076B949B11E0D7B48E54AA68
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401D86 Relevance: 7.6, APIs: 5, Instructions: 75windowCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetDlgItem.USER32(?,?), ref: 00401D9F
                                                                                                                                                                                                                                                                                                                                    • GetClientRect.USER32(?,?), ref: 00401DEA
                                                                                                                                                                                                                                                                                                                                    • LoadImageW.USER32(?,?,?,?,?,?), ref: 00401E1A
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(?,00000172,?,00000000), ref: 00401E2E
                                                                                                                                                                                                                                                                                                                                    • DeleteObject.GDI32(00000000), ref: 00401E3E
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: ClientDeleteImageItemLoadMessageObjectRectSend
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1849352358-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 5409701174cc037821a308746f1ef467676f72fb6d339cbf159e8a6e8e9d4097
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 305ae2269dae07fc62aa10ca295236b4d3f8ba7b944ef9ab65218e6e9e6ea469
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 5409701174cc037821a308746f1ef467676f72fb6d339cbf159e8a6e8e9d4097
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: FE210772A04119AFCB15DF98DE45AEEBBB5EF08304F14003AF945F62A0D7789D81DB98
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401E53 Relevance: 7.5, APIs: 5, Instructions: 43COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • GetDC.USER32(?), ref: 00401E56
                                                                                                                                                                                                                                                                                                                                    • GetDeviceCaps.GDI32(00000000,0000005A), ref: 00401E70
                                                                                                                                                                                                                                                                                                                                    • MulDiv.KERNEL32(00000000,00000000), ref: 00401E78
                                                                                                                                                                                                                                                                                                                                    • ReleaseDC.USER32(?,00000000), ref: 00401E89
                                                                                                                                                                                                                                                                                                                                    • CreateFontIndirectW.GDI32(0040CDF8), ref: 00401ED8
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CapsCreateDeviceFontIndirectRelease
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3808545654-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 0c77369168bd7cf80ce1876f53bc619ac932c7fdeb75926795b65e903bb74869
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 3094fbe596e336cf4bf26b394f16fb1ed862d687e7810168c788cd964747d1d2
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 0c77369168bd7cf80ce1876f53bc619ac932c7fdeb75926795b65e903bb74869
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 74018871904240EFE7005BB4EE99BDD3FB4AF15301F20997AF581B62E2C6B904859BED
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00401C48 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 84windowtimeCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • SendMessageTimeoutW.USER32(00000000,00000000,?,?,?,00000002,?), ref: 00401CB8
                                                                                                                                                                                                                                                                                                                                    • SendMessageW.USER32(00000000,00000000,?,?), ref: 00401CD0
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: MessageSend$Timeout
                                                                                                                                                                                                                                                                                                                                    • String ID: !
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1777923405-2657877971
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 483d17516720e2e8ab10c88a8952f1e8a1428c38e87ce861c3d636333663c13f
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 6f1bda49a4997cd21eb3df4025a59d3ac8dc5d95b16fa6faa4f7de2005ea5abe
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 483d17516720e2e8ab10c88a8952f1e8a1428c38e87ce861c3d636333663c13f
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 57219C7191421AAFEB05AFA4D94AAFE7BB0EF84304F10453EF601B61D0D7B84941CB98
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405FFC Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 42COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CharNextW.USER32(?,?,C:\,?,00406070,C:\,C:\,771B3420,?,771B2EE0,00405DAE,?,771B3420,771B2EE0,"C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe" ), ref: 0040600A
                                                                                                                                                                                                                                                                                                                                    • CharNextW.USER32(00000000), ref: 0040600F
                                                                                                                                                                                                                                                                                                                                    • CharNextW.USER32(00000000), ref: 00406027
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CharNext
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3213498283-3404278061
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: fbda1c126528e77f8eb1d19cbf263a4f79599cb979c26f3e0093e3aefe43dd94
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 6b36e5aaf6ec4384ffc5acae3f619c12edb839be27b3f0f06f1fa7befb24a934
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: fbda1c126528e77f8eb1d19cbf263a4f79599cb979c26f3e0093e3aefe43dd94
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 00F0963198061595DE31F6584C45A7767BCDF55394B02807BE602B71C1D7B888E186DA
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405F51 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 16stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(?,C:\Users\user~1\AppData\Local\Temp\,00403632,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,0040392F,?,00000008,0000000A,0000000C), ref: 00405F57
                                                                                                                                                                                                                                                                                                                                    • CharPrevW.USER32(?,00000000,?,C:\Users\user~1\AppData\Local\Temp\,00403632,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,0040392F,?,00000008,0000000A,0000000C), ref: 00405F61
                                                                                                                                                                                                                                                                                                                                    • lstrcatW.KERNEL32(?,0040A014), ref: 00405F73
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\, xrefs: 00405F51
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CharPrevlstrcatlstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user~1\AppData\Local\Temp\
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2659869361-2382934351
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 1ad634ba4b40e47f3a67f9c69e663da68b942b7adec5edae9754e9c2c01f4b37
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: a99b79add3f29df6de165ac7772d062030ca4d7d7db28986cd5f5f8a2b4e36b3
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1ad634ba4b40e47f3a67f9c69e663da68b942b7adec5edae9754e9c2c01f4b37
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: C9D0A731101934AAC211AF548D04CDF639C9F463443414C3BF501B30A1CB7D6D6287FD
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00402643 Relevance: 6.1, APIs: 2, Strings: 2, Instructions: 65stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrlenA.KERNEL32(C:\Users\user~1\AppData\Local\Temp\nsx8D7.tmp\System.dll), ref: 0040269A
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: lstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user~1\AppData\Local\Temp\nsx8D7.tmp\System.dll$False
                                                                                                                                                                                                                                                                                                                                    • API String ID: 1659193697-3619656839
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 4a7ca060f9d42d51e9c06972594870bc5d8f388ccf8098f59ff2ee055a2449ae
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 3f04c1712215209208acb7642429b7129ba4cba87377fac841ce35f74c6015ca
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 4a7ca060f9d42d51e9c06972594870bc5d8f388ccf8098f59ff2ee055a2449ae
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DF110A72A40205BBCB00BBB19E4AA9F76A19F50748F21483FF502F61C1DAFD89D1665E
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00403C62 Relevance: 6.0, APIs: 2, Strings: 2, Instructions: 20COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000378,C:\Users\user~1\AppData\Local\Temp\,00403B95,?,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403C74
                                                                                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000384,C:\Users\user~1\AppData\Local\Temp\,00403B95,?,?,00000008,0000000A,0000000C,?,?,?,?,?,?,?,?), ref: 00403C88
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\, xrefs: 00403C67
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\nsx8D7.tmp, xrefs: 00403C98
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CloseHandle
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user~1\AppData\Local\Temp\$C:\Users\user~1\AppData\Local\Temp\nsx8D7.tmp
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2962429428-417169946
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: aee73ed6a062803200b229e34675cefdb9ab84dda1d90898f0442dcc956d8ee4
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 8c071fc62b7e332c461b44292a81ac7d95f2e272703a36c0b89becc6b1ca42eb
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: aee73ed6a062803200b229e34675cefdb9ab84dda1d90898f0442dcc956d8ee4
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: C9E04F3140471896D5246F78AE4E9853A185F41335B248326F078F21F0C738995A5AA9
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0040567B Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 46windowCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • IsWindowVisible.USER32(?), ref: 004056AA
                                                                                                                                                                                                                                                                                                                                    • CallWindowProcW.USER32(?,?,?,?), ref: 004056FB
                                                                                                                                                                                                                                                                                                                                      • Part of subcall function 0040464D: SendMessageW.USER32(?,00000000,00000000,00000000), ref: 0040465F
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: Window$CallMessageProcSendVisible
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 3748168415-3916222277
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 566dc257d6ecfccfd9b8870a3abbf6eef49955a94d49fdbfe0e36d929d226f84
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 56d6425d582badedfe6e85af8287ead15e3733fa9de593adb61ce7d3cc062d63
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 566dc257d6ecfccfd9b8870a3abbf6eef49955a94d49fdbfe0e36d929d226f84
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 1601B131101608ABDF205F41DE80AAF3A39EB84754F90483BF509761D0D77B8C929E6D
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 00405F9D Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 16stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrlenW.KERNEL32(80000000,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,00403141,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe,80000000,00000003), ref: 00405FA3
                                                                                                                                                                                                                                                                                                                                    • CharPrevW.USER32(80000000,00000000,80000000,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,00403141,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe,C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp\FiddlerSetup.exe,80000000,00000003), ref: 00405FB3
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    • C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp, xrefs: 00405F9D
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: CharPrevlstrlen
                                                                                                                                                                                                                                                                                                                                    • String ID: C:\Users\user~1\AppData\Local\Temp\nsiE437.tmp
                                                                                                                                                                                                                                                                                                                                    • API String ID: 2709904686-1653284194
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 4d9a109f9f2e29ac56c0736ccbd4fa6bf3a04a93e1f4050107f2eb61dc35f761
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 76a3089014cba6cdede5e63107dce03d3cc6699033e3804c636830b34c248568
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 4d9a109f9f2e29ac56c0736ccbd4fa6bf3a04a93e1f4050107f2eb61dc35f761
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D1D05EB2401921DAE3126B04DD00D9F63ACEF12300746482AE840E7161D77C5C8186AD
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 004060D7 Relevance: 5.0, APIs: 4, Instructions: 37stringCOMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                                                                                    • lstrlenA.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,004063BC,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 004060E7
                                                                                                                                                                                                                                                                                                                                    • lstrcmpiA.KERNEL32(00000000,00000000), ref: 004060FF
                                                                                                                                                                                                                                                                                                                                    • CharNextA.USER32(00000000,?,00000000,004063BC,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00406110
                                                                                                                                                                                                                                                                                                                                    • lstrlenA.KERNEL32(00000000,?,00000000,004063BC,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00406119
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2524025379.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2523920207.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524165814.0000000000408000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000040A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000424000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000427000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.000000000042A000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000433000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2524271016.0000000000439000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    • Associated: 00000003.00000002.2525030072.000000000043E000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_400000_FiddlerSetup.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID: lstrlen$CharNextlstrcmpi
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID: 190613189-0
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 95544cd0fbc1c68b6442233ab1bb13ea59abf9e1bd9498eecabbd7b85e38d71d
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 41d5ee4ea83cc4d308be6584820b02a87ee89e19241337121ce36a8d52a16fb8
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 95544cd0fbc1c68b6442233ab1bb13ea59abf9e1bd9498eecabbd7b85e38d71d
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 9DF06235504418EFC702DBA9DD00D9EBFA8EF46350B2640B9E841FB211DA74DE11AB99
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Executed Functions

                                                                                                                                                                                                                                                                                                                                    Function 02850D20 Relevance: 1.3, Strings: 1, Instructions: 96COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.1367498662.0000000002850000.00000040.00000800.00020000.00000000.sdmp, Offset: 02850000, based on PE: false
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_2850000_SetupHelper.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID: $q
                                                                                                                                                                                                                                                                                                                                    • API String ID: 0-1301096350
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: c72eff6ba8240d594ca0e42d3336daa1f0c0f2c6373e168a7f5519853985ef3f
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 9782afdbd537f042fb610803351c567a182d4aaa6f099efc2f319e99c48af8ad
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c72eff6ba8240d594ca0e42d3336daa1f0c0f2c6373e168a7f5519853985ef3f
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 2E31D235A002199FCB10DB78D8057AEBBF0FF84315F1446AAD919EB281EB706A19CBD1
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 0285046F Relevance: .5, Instructions: 512COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.1367498662.0000000002850000.00000040.00000800.00020000.00000000.sdmp, Offset: 02850000, based on PE: false
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_2850000_SetupHelper.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 32be776b0d8e119adf11adea8de1efb225a53a2ab382639758f5fefab69f798d
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 29c6499bfc819224dfd49c0f272cc6a04624ad610a21b7e57525a727a465afae
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 32be776b0d8e119adf11adea8de1efb225a53a2ab382639758f5fefab69f798d
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: EA318C7480A3949FDB13EF34E8A46997F71EF46210B0945DBC4448B1ABDB38590BCB46
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 02850900 Relevance: .2, Instructions: 222COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.1367498662.0000000002850000.00000040.00000800.00020000.00000000.sdmp, Offset: 02850000, based on PE: false
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_2850000_SetupHelper.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: bb4fdc744cb0a9d0f1881e693bb451e40d826d4b4a8bfdecda692f3d8051916c
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 050e22bd44f2d331ed239060b6ae4db5726ccc0e885917545996b93bd0066c54
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: bb4fdc744cb0a9d0f1881e693bb451e40d826d4b4a8bfdecda692f3d8051916c
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 1581E239B003149FDB15DBB4D854AAABBF2FF88311F15856AE51ACB3A4EB31D841CB40
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 02850C5F Relevance: .1, Instructions: 58COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.1367498662.0000000002850000.00000040.00000800.00020000.00000000.sdmp, Offset: 02850000, based on PE: false
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_2850000_SetupHelper.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: e1cd855b826f63c445def2f87a30aa425448abca8577b5629451c5d493e36406
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 974bcdb46121ec03c003b49603d562dc6df40548b0e55086b322487e59487332
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e1cd855b826f63c445def2f87a30aa425448abca8577b5629451c5d493e36406
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 26117C3C7042289BEB248B69E96476A3AA5EF49358F20416AEC4AC7280FB31ED45C741
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 02850848 Relevance: .0, Instructions: 37COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.1367498662.0000000002850000.00000040.00000800.00020000.00000000.sdmp, Offset: 02850000, based on PE: false
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_2850000_SetupHelper.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: e59090e61fa6d9c507bb1cb06aac44e827d307c07561d0c099a929f589253c56
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: f37098ebdf2f9847d2b831a410569a231b0ea38c160b8a9e0810384706cdd5fb
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e59090e61fa6d9c507bb1cb06aac44e827d307c07561d0c099a929f589253c56
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D401CC78D003049FCB16FF64E954A6D7BB5FB88304F108A69D904572ACDB756A0BCF81
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 02850B8F Relevance: .0, Instructions: 33COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.1367498662.0000000002850000.00000040.00000800.00020000.00000000.sdmp, Offset: 02850000, based on PE: false
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_2850000_SetupHelper.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 34d57c8df47401b898c4a518918e3be6e3b2b376be8d697f807d00db2e2a1973
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 204b01cd08aac5a29fc6504dc4523d58661a323b1c02df1d5d954c936383731e
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 34d57c8df47401b898c4a518918e3be6e3b2b376be8d697f807d00db2e2a1973
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3CF08276F041155BC7409AAC58003EF7AE69BC8721F16046AD509E7389EA708A16C7D1
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 02850D10 Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.1367498662.0000000002850000.00000040.00000800.00020000.00000000.sdmp, Offset: 02850000, based on PE: false
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_2850000_SetupHelper.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 8287ffbaa41f7a9d4fc3a6e0e7a526cdb7e51d8aba89eefd5453d69603fe9337
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: c4803e6c34b5f7cae4579a8b51ccef91cf75a736f2fe21207df1fefd6efe4ef4
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8287ffbaa41f7a9d4fc3a6e0e7a526cdb7e51d8aba89eefd5453d69603fe9337
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: A3F0E53AE041188BCB20D675FD14BEFBBF4EB80361F99067AD919D7150EB70B60987A0
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 02850E78 Relevance: .0, Instructions: 23COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.1367498662.0000000002850000.00000040.00000800.00020000.00000000.sdmp, Offset: 02850000, based on PE: false
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_2850000_SetupHelper.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 31a145461c3081f3234c7c25faebe6c7b5ee8498cb2ddc438140bfec061074d5
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: 3a5a1cd2c55a00e3938a9c8e616b3beecb452cff05b61ae5dbca456c9878b60e
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 31a145461c3081f3234c7c25faebe6c7b5ee8498cb2ddc438140bfec061074d5
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 74E092B5E00119CFCB41EFA8D9417AABBB1FF84304F110566D918E7385E3305A16CBD1
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                    Function 02850E88 Relevance: .0, Instructions: 21COMMON
                                                                                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.1367498662.0000000002850000.00000040.00000800.00020000.00000000.sdmp, Offset: 02850000, based on PE: false
                                                                                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_2850000_SetupHelper.jbxd
                                                                                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                                                                                    • Opcode ID: 29b4ef24164272a7c7ff34f90645b3faaaf3f95b16052b3b51ff512b2df4a664
                                                                                                                                                                                                                                                                                                                                    • Instruction ID: b8675735f44464cd2a8709a6bac027b6e7fd2fbb451d7991f995cd51cdbd9d4f
                                                                                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 29b4ef24164272a7c7ff34f90645b3faaaf3f95b16052b3b51ff512b2df4a664
                                                                                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: CCE0B6B5E112199FDB40EBA8D8027AABBB8EB88310F104566D919E7284E7715A11CBD1
                                                                                                                                                                                                                                                                                                                                    Uniqueness

                                                                                                                                                                                                                                                                                                                                    Uniqueness Score: -1.00%